Техническая информация
- '%HOMEPATH%\Local Settings\Tempsevhost.exe' -x -s 404
- '%TEMP%\system.exe'
- '%HOMEPATH%\Local Settings\Tempsevhost.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 244
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 336
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 356
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 292
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 272
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 316
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %APPDATA%\photo.jpg
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 320
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 348
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 344
- %TEMP%\28E2C.dmp
- %TEMP%\29020.dmp
- %TEMP%\2A946.dmp
- %TEMP%\dw.log
- %APPDATA%\photo.jpg
- %HOMEPATH%\Local Settings\Tempsevhost.exe
- %TEMP%\system.exe
- %TEMP%\5133_appcompat.txt
- %TEMP%\84a7_appcompat.txt
- %TEMP%\1ef4_appcompat.txt
- %TEMP%\system.exe
- %TEMP%\28E2C.dmp
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''