Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run] 'update' = '%WINDIR%\addins\svchost.exe'
- '%WINDIR%\addins\Zhuce.exe'
- %WINDIR%\addins\dllhost.exe
- %WINDIR%\addins\Zhuce.exe
- %TEMP%\~ip1.tmp
- %WINDIR%\addins\MSWINSCK.OCX
- %WINDIR%\addins\svchost.exe
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'