Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{7BCD75AC-7DF8-4B42-9B00-4FEA1CE14755}' = ''
- %TEMP%\Temp\012.exe
- %TEMP%\Temp\cjsh.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\Temp\012.exe.bat" "
- <SYSTEM32>\cmd.exe /c ""%TEMP%\Temp\cjsh.exe.bat" "
- 360tray.exe
- %WINDIR%\Fonts\WFsARAucm7DAuX8.Ttf
- %WINDIR%\Fonts\CWWFj6tF7GvQjNsqc.fon
- %TEMP%\Temp\012.exe.bat
- %TEMP%\Temp\cjsh.exe
- %TEMP%\Temp\012.exe
- %TEMP%\Temp\cjsh.exe.bat
- %TEMP%\Temp\012.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''