Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Media PnP-X Tunneling Mapper' = 'C:\rdutkyf\osmjfwhifft.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Video Virtual Name Connections] 'ImagePath' = 'C:\rdutkyf\osmjfwhifft.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Video Virtual Name Connections] 'Start' = '00000002'
- 'C:\rdutkyf\wkfohwycsz.exe' "c:\rdutkyf\osmjfwhifft.exe"
- 'C:\rdutkyf\osmjfwhifft.exe'
- 'C:\rdutkyf\xi3c5ilazxavqhww.exe'
- %TEMP%\WER5a91.dir00\osmjfwhifft.exe.mdmp
- %TEMP%\WER5a91.dir00\osmjfwhifft.exe.hdmp
- %TEMP%\WER8f67.dir00\manifest.txt
- %TEMP%\WER8f67.dir00\osmjfwhifft.exe.hdmp
- %TEMP%\WER8f67.dir00\appcompat.txt
- %TEMP%\WER5a91.dir00\appcompat.txt
- %TEMP%\WER0ada.dir00\appcompat.txt
- %TEMP%\WER0ada.dir00\manifest.txt
- %TEMP%\WER0ada.dir00\osmjfwhifft.exe.hdmp
- %TEMP%\WER5a91.dir00\manifest.txt
- %TEMP%\WER0ada.dir00\osmjfwhifft.exe.mdmp
- C:\rdutkyf\osmjfwhifft.exe
- C:\rdutkyf\wkfohwycsz.exe
- C:\rdutkyf\xi3c5ilazxavqhww.exe
- %WINDIR%\rdutkyf\zwrgbzfo
- C:\rdutkyf\zwrgbzfo
- C:\rdutkyf\whndyhw
- %TEMP%\WER624a.dir00\manifest.txt
- %TEMP%\WER8f67.dir00\osmjfwhifft.exe.mdmp
- %TEMP%\WER624a.dir00\appcompat.txt
- %TEMP%\WER624a.dir00\osmjfwhifft.exe.mdmp
- %TEMP%\WER624a.dir00\osmjfwhifft.exe.hdmp
- C:\rdutkyf\wkfohwycsz.exe
- C:\rdutkyf\osmjfwhifft.exe
- C:\rdutkyf\xi3c5ilazxavqhww.exe
- %WINDIR%\rdutkyf\zwrgbzfo
- %WINDIR%\rdutkyf\zwrgbzfo
- ClassName: 'Shell_TrayWnd' WindowName: ''