Техническая информация
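Запускает на исполнение (командные строки; вызовы taskkill с ключами /f /im принудительно завершают процессы по имени образа — судя по именам, это компоненты антивирусных продуктов):
- '<SYSTEM32>\taskkill.exe' /f /im VsTskMgr.exe
- '<SYSTEM32>\taskkill.exe' /f /im Mcshield.exe
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\taskkill.exe' /f /im 360tray.exe
- '<SYSTEM32>\taskkill.exe' /f /im KVXP.kxp
- '<SYSTEM32>\taskkill.exe' /f /im kavsvc.exe
- '<SYSTEM32>\taskkill.exe' /f /im Ravmon.exe
- '<SYSTEM32>\taskkill.exe' /f /im Rav.exe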
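Затрагиваемые файлы (тип операции — создание, изменение или удаление — на странице не указан; PerfStringBackup.TMP и WmiApRpl.ini обычно появляются как побочный результат работы штатной утилиты wmiadap.exe, поэтому сами по себе это слабые индикаторы):
- <Текущая директория>\Hook.dll
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini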
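Сетевая активность (соединение с портом 80, HTTP-запрос и DNS-запрос; символы «#», по-видимому, скрывают часть адреса в исходном отчёте):
- 'to##.chinaz.com':80
- to##.chinaz.com/Ip/?ip#############
- DNS ASK to##.chinaz.com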
По-видимому, поиск окон по имени класса (ClassName) и заголовку (WindowName):
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: 'DefenderDaemon.exe'