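Техническая информация

Примечание: ниже перечислены пути к файлам, командные строки процессов, раздел реестра и классы окон. Подзаголовки разделов в этой выдержке не сохранились, поэтому роль каждой записи (создание, запуск, поиск) следует уточнять по исходному отчёту; повторы одного и того же пути, вероятно, относятся к разным разделам. rundll32.exe с sysdm.cpl,NoExecuteProcessException и dumprep.exe — штатные компоненты Windows (исключения DEP и отчёты об ошибках), которые здесь обрабатывают explorer.exe. Сами по себе они не указывают на конкретный образец, а имя каталога WER96c4.dir00, по-видимому, специфично для данного запуска и не годится как устойчивый индикатор.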
- %WINDIR%\Tasks\{4324332B-644B-654F-C96D-FF46DC637652}.job
- '%APPDATA%\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\uxghoac.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\sysdm.cpl,NoExecuteProcessException %WINDIR%\explorer.exe
- '<SYSTEM32>\dumprep.exe' 1432 -dm 7 7 %TEMP%\WER96c4.dir00\explorer.exe.hdmp 16325836412028056
- '<SYSTEM32>\dumprep.exe' 1432 -dm 7 7 %TEMP%\WER96c4.dir00\explorer.exe.mdmp 16325836412028044
- %WINDIR%\Explorer.EXE
- [<HKCU>\Software\Microsoft\messengerservice]
- %TEMP%\WER96c4.dir00\appcompat.txt
- %TEMP%\WER96c4.dir00\manifest.txt
- %TEMP%\WER96c4.dir00\explorer.exe.hdmp
- %APPDATA%\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\uxghoac.exe
- %TEMP%\WER96c4.dir00\explorer.exe.mdmp
- %WINDIR%\Tasks\{4324332B-644B-654F-C96D-FF46DC637652}.job
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'ampcyni' WindowName: 'dflhlvewnvynrhvtndke cowesuo'