Technical Information
- [HKLM\System\CurrentControlSet\Services\ialdnwxf] 'ImagePath' = '<Current directory>\superec.ProcessMemory.sys'
- 'ialdnwxf' <Current directory>\\superec.ProcessMemory.sys
- 'ialdnwxf' <Current directory>\superec.ProcessMemory.sys
- '%WINDIR%\syswow64\taskkill.exe' /f /im DNF.exe.manifest
- <Current directory>\superec.processmemory.sys
- %WINDIR%\temp\udd8f25.tmp
- %WINDIR%\temp\udd8f25.tmp
- <Current directory>\superec.processmemory.sys
- ClassName: '' WindowName: 'QQDL.exe'
- ClassName: '' WindowName: ''
- '%WINDIR%\syswow64\taskkill.exe' /f /im DNF.exe.manifest' (with hidden window)