Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Config Cache DNS Extensible Software' = 'C:\pwnczmpv\kdupfca.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Scheduler Keying Block SSDP AutoConfig] 'ImagePath' = 'C:\pwnczmpv\kdupfca.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Scheduler Keying Block SSDP AutoConfig] 'Start' = '00000002'
- 'C:\pwnczmpv\kdupfca.exe'
- 'C:\pwnczmpv\wg2gb9hwpo4fzrp2.exe'
- %TEMP%\WERd5ba.dir00\kdupfca.exe.mdmp
- C:\pwnczmpv\tpbxaeha7izm
- %TEMP%\WERd5ba.dir00\kdupfca.exe.hdmp
- %TEMP%\WERd5ba.dir00\manifest.txt
- %TEMP%\WERd5ba.dir00\appcompat.txt
- C:\pwnczmpv\innoozakmp
- %WINDIR%\pwnczmpv\innoozakmp
- C:\pwnczmpv\wg2gb9hwpo4fzrp2.exe
- C:\pwnczmpv\vhvzdhebq.exe
- C:\pwnczmpv\kdupfca.exe
- C:\pwnczmpv\vhvzdhebq.exe
- C:\pwnczmpv\kdupfca.exe
- C:\pwnczmpv\wg2gb9hwpo4fzrp2.exe
- %WINDIR%\pwnczmpv\innoozakmp
- %WINDIR%\pwnczmpv\innoozakmp
- ClassName: 'Shell_TrayWnd' WindowName: ''