Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MsVnmp' = '<SYSTEM32>\msvnmp.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\tmp51813\msvnmp.exe' = '%TEMP%\tmp51813\msvnmp.exe:*:Enabled:Microsoft VNMP'
- '%TEMP%\tmp51813\msvnmp.exe'
- '%TEMP%\tmp51813\crab-ball.exe'
- %TEMP%\tmp51813\msvnmp.exe
- <SYSTEM32>\msvnmp.exe
- %TEMP%\tmp51813\msvnmp.exe.zlb
- %TEMP%\tmp51813\crab-ball.exe.zlb
- %TEMP%\tmp51813\crab-ball.exe
- %TEMP%\tmp51813\crab-ball.exe.zlb
- %TEMP%\tmp51813\msvnmp.exe.zlb
- ClassName: 'TAppBuilder' WindowName: '(null)'
- ClassName: 'Tfmsvnmp' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'TAlignPalette' WindowName: '(null)'
- ClassName: 'TPropertyInspector' WindowName: '(null)'