Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Run' = '<SYSTEM32>\system\svchost'
- <SYSTEM32>\system\svchost.exe
- <SYSTEM32>\QQ\autorun.dll
- <SYSTEM32>\QQ\DBPict.ldb
- <SYSTEM32>\QQ\recordtime.dll
- <SYSTEM32>\QQ\DBPict.mdb
- <SYSTEM32>\system\svchost.exe
- <SYSTEM32>\QQ\save.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''