Техническая информация
- '%TEMP%\RarSFX0\XXLEFq.exe' "LFDjqN"
- '<SYSTEM32>\dumprep.exe' 2964 -dm 7 7 %TEMP%\WER28e8.dir00\svchost.exe.hdmp 16325836412027152
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\sysdm.cpl,NoExecuteProcessException <SYSTEM32>\svchost.exe
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\dumprep.exe' 2964 -dm 7 7 %TEMP%\WER28e8.dir00\svchost.exe.mdmp 16325836412027132
- <SYSTEM32>\svchost.exe
- %TEMP%\test.exe
- %TEMP%\LFDjqN
- %TEMP%\ymVPcK.txt
- %TEMP%\XXLEFq.exe
- %TEMP%\WER28e8.dir00\appcompat.txt
- %TEMP%\WER28e8.dir00\manifest.txt
- %TEMP%\WER28e8.dir00\svchost.exe.mdmp
- %TEMP%\WER28e8.dir00\svchost.exe.hdmp
- %TEMP%\test.txt
- %TEMP%\RarSFX0\EtXAyi.exe
- %TEMP%\RarSFX0\sqAqIy.exe
- %TEMP%\RarSFX0\rbpfkf
- %TEMP%\RarSFX0\FJILWC.txt
- %TEMP%\RarSFX0\XXLEFq.exe
- %TEMP%\RarSFX0\MUnuOg.exe
- %TEMP%\RarSFX0\LFDjqN
- %TEMP%\RarSFX0\ymVPcK.txt
- %TEMP%\RarSFX0\sqAqIy.exe
- %TEMP%\RarSFX0\rbpfkf
- %TEMP%\RarSFX0\ymVPcK.txt
- %TEMP%\RarSFX0\XXLEFq.exe
- %TEMP%\RarSFX0\FJILWC.txt
- %TEMP%\RarSFX0\EtXAyi.exe
- %TEMP%\RarSFX0\MUnuOg.exe
- %TEMP%\RarSFX0\LFDjqN
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''