Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{13BC17B3-1BAA-1F8E-2372-27552B4D2F26}' = ''
- C:\zhuxian.exe
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\$X5df5e5dhjdf.bat
- Библиотека-обработчик для всех процессов: <SYSTEM32>\zhuxian4qso.dll
- <SYSTEM32>\$X5df5e5dhjdf.bat
- <SYSTEM32>\zhuxian4qso.dll
- C:\zhuxian.exe
- <SYSTEM32>\zhuxian4qso.dll
- C:\zhuxian.exe
- ClassName: 'KVXP_Monitor' WindowName: '????????????'
- ClassName: '#32770' WindowName: '????????????'
- ClassName: 'Q360SafeMonClass' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''