Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Office Cache.lnk
- <SYSTEM32>\net.exe stop sharedaccess
- <SYSTEM32>\net1.exe stop sharedaccess
- <SYSTEM32>\net1.exe localgroup "Remote Desktop Users" SYSETM /add
- <SYSTEM32>\net1.exe user SYSETM gaokanxu /add
- <SYSTEM32>\net1.exe localgroup %USERNAME%s SYSETM /add
- 360tray.exe
- %WINDIR%\svchost.exe
- 'ek####ard.3322.org':5858
- DNS ASK ek####ard.3322.org
- ClassName: 'ProgMan' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''