Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe] 'Debugger' = '%WINDIR%\scvhost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'jpime' = '%WINDIR%\scvhost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe] 'Debugger' = '%WINDIR%\scvhost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe] 'Debugger' = '%WINDIR%\scvhost.exe'
- скрытых файлов
- <SYSTEM32>\attrib.exe C:\~1\C_PAN.gho -s -r -h -a
- DNS ASK ha####kiss.6600.org
- '<IP-адрес в локальной сети>':1035
- ClassName: '' WindowName: '????????????????'
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: 'Windows ??????????'
- ClassName: '' WindowName: '????????????'