| ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

| ZeroBOX

BCDGFJFJGHKJK.exe "C:\Users\test22\AppData\Local\Temp\BCDGFJFJGHKJK.exe"
2552
- Powershell.exe "Powershell" Copy-Item 'C:\Users\test22\AppData\Local\Temp\BCDGFJFJGHKJK.exe' 'C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Systddem.exe'
  2820
- cvtres.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe"
  2876
explorer.exe C:\Windows\Explorer.EXE
1452

No process loaded Click on a process in the tree above to load its data.

PID
Parent PID

default registry file network process services synchronisation iexplore office pdf