Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360.' = '%WINDIR%\svchest.exe'
- '%WINDIR%\svchnst.exe'
- '%WINDIR%\svchest.exe'
- '<SYSTEM32>\svchost.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\svchost.exe
- %WINDIR%\Explorer.EXE
- C:\tianshideshouhu
- %WINDIR%\Hook.dll
- %WINDIR%\KillFile.sys
- %WINDIR%\LianXue_SuperKill.sys
- %WINDIR%\svchost.exe
- C:\zhuiluodetianshi
- %WINDIR%\svchnst.exe
- %WINDIR%\svchest.exe
- C:\tianshideshouhu
- %WINDIR%\Hook.dll
- C:\zhuiluodetianshi
- %WINDIR%\svchest.exe
- %WINDIR%\LianXue_SuperKill.sys
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: '' WindowName: '12368'
- ClassName: '' WindowName: 'explorer.exe'
- ClassName: '' WindowName: '123123'