Trojan.DownLoader34.65496

Техническая информация

Для обеспечения автозапуска и распространения

Устанавливает следующие настройки сервисов

[<HKLM>\System\CurrentControlSet\Services\XT800SDKService] 'ImagePath' = '"%ProgramFiles(x86)%\STVncManager\STRemoteLibrary\Bin\XTService.exe" -service'

Создает следующие сервисы

'XT800SDKService' "%ProgramFiles(x86)%\STVncManager\STRemoteLibrary\Bin\XTService.exe" -service

Изменения в файловой системе

Создает следующие файлы

%TEMP%\nsw11ad.tmp\nsprocess.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtmainremotewnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtloginflashwnd_mini.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtlocalfilelistwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xthtmlwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xthtmlagentwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xthistorywnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtfoldersharewnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtfiletransuiwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtnotifywnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtcontactorwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtcontactortreeproperty.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtcontactoroutlimit.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtauthwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtaddpeoplenotifywnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xstringres.eng.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtflatcontactorwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\main_tab1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtqueuestatewnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\desktophook.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\data.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\common.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\atl110.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\appcore.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtvipnotifydlg.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtsinglechatwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xstringres.chs.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtmainsharewnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremotestatewnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremoterequestwndwithoutinput.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremoterequestwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremotelimit.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremoteheaderwnd_android.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremoteheaderwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremotefilemgrwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremoteviewerframe.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtremotefilelistwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xresources.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\window_close.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\window_btn_setting.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_up.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\splashwnd\textfield_disable.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\splashwnd\splash_splitline.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\splashwnd\splash_picture.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\splashwnd\splash_bg3.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\splashwnd\splash_bg2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\splashwnd\splash_bg1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\gdiplus.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_fileshare.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_shareset.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_refresh.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_home.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_forward.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_download.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_del.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_back.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_view.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\xtsimpleloginwnd.xml
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_fileshare_bottom.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_gray.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_fileshare_toolbar.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\window_btn_restore.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\window_btn_mini.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\window_btn_max.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\window_btn_close.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\pub_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\popmsg_arrow.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_foldershare_bottom.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\menu_arrow.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_blue.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\logo_personal.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\icon_setting.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\icon_help.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\icon_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_history_bottom.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\bg_gray_2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\window\main_tab2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtpipeproxy.dll
%ALLUSERSPROFILE%\1101 mini xt files\usr\10801166\setting.xcfg
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\log.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\driver\mv2.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\setupdrv.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\driver\mv2.sys
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\driver\mv2.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\setupdrv.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\driver\mv2.sys
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\driver\mv2.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtupdatechecker.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\setupdrv.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtunit.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtuimgr.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtui.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtsysinfo.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtsetting.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtservice.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xt_.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\httpclient.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\driver\mv2.dll
%ALLUSERSPROFILE%\1101 mini xt files\machinelogin.dat
%ALLUSERSPROFILE%\xt mini common files\xtmainuilog\10-13.log
%ALLUSERSPROFILE%\.xt private files\.private.m.v6.data
%ALLUSERSPROFILE%\1101 mini xt files\log\10-13.log
%ALLUSERSPROFILE%\xtsystemp\xt_.startup
%ProgramFiles(x86)%\stvncmanager\update_tmp\stremotelibrary.7z
%ProgramFiles(x86)%\stvncmanager\update_tmp\file_config.txt
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtscreengrabapp.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\driver\mv2.sys
%ALLUSERSPROFILE%\xt common files\xtlocalsrvlog\10-13.log
%ProgramFiles(x86)%\stvncmanager\log\stvnc\stvnclog20201013.log
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\sas.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\setupdrv.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\driver\mv2.sys
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\driver\mv2.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\setupdrv.exe
%ALLUSERSPROFILE%\xt mini common files\xt.startup
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\driver\mv2.sys
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtscreengrab.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtresource.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtremotefile.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\vccorlib110.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtfiletrans.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtcommon.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtchat.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtauth.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xt.exe
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xskin.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\httpdownload.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtfiletransui.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\uachelper.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\plugin_task.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\plugin_alert.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\network.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\msvcr110.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\msvcp110.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\mfc110u.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xmppcore.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\share\icon_add.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtfoldershare.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtlog.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xthistory.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtremote.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtreditpic.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtrcviewer.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtrcserver.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtqueueui.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtqueue.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtlocalsrv.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtprop.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtfiletranslogic.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtpaint.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtnotify.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtmsgpipe.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtmsgbox.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtmain.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtlogin.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtplugin.dll
%ALLUSERSPROFILE%\xt mini common files\xtservicelog\10-13.log
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remotefile\icon_up.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_lock.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\history\nohistory.htm
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\history\historypage.htm
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\history\history.ini
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\extendcfg.ini
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\ext\app_32.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\ext\app_16.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\uninstall_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\license.txt
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\icon\xt_m.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\install_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\install.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\driver\mv2.inf
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\driver\mv2.cat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\uninstall_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\uninstall.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8_64\uninstall.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\uninstall_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\setting.ini
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\bg_blue_hl.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\bg_blue.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\background.bmp
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\toolbar_splitline_1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\toolbar_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_sendfile.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_screenshot.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\license.txt
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\icon\xt.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_link.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_chat.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\bg_chat_input_2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\bg_chat_input_1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\ext\app_32.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\ext\app_16.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_redir.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\xt_m.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\install_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\install.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\driver\mv2.inf
%ProgramFiles(x86)%\stvncmanager\logo.ico
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\driver\mv2.cat
%HOMEPATH%\desktop\如意远程主控端.lnk
%HOMEPATH%\desktop\ГЁГ§ГІГўГґВ¶ВіГ¬Г¶Г·ВїГёВ¶Г«.lnk
%ProgramFiles(x86)%\stvncmanager\version.ini
%ProgramFiles(x86)%\stvncmanager\tvnviewer.exe
%ProgramFiles(x86)%\stvncmanager\msvcr100.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\bg_line.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\install.bat
%ProgramFiles(x86)%\stvncmanager\stvnc.ini
%ProgramFiles(x86)%\stvncmanager\stvncmanagerlauncher.exe
%ProgramFiles(x86)%\stvncmanager\stvncmanager.exe
%ProgramFiles(x86)%\stvncmanager\stvnc.dll
%ProgramFiles(x86)%\stvncmanager\stuilib.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary.7z
%ProgramFiles(x86)%\stvncmanager\7za.exe
%ProgramFiles(x86)%\stvncmanager\msvcp100.dll
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\chat\icon_remote.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\install_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\uninstall_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\license.txt
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k8\driver\mv2.cat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\uninstall_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\uninstall.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\license.txt
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\install_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\install.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\uninstall.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\driver\mv2.inf
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k\driver\mv2.inf
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\uninstall.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\license.txt
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\install_silent.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\install.bat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\driver\mv2.inf
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3\driver\mv2.cat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\data\driver\w2k3_64\driver\mv2.cat
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contactlist_bg2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remotefile\icon_newfolder.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\chat_menuarrow.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_arrow.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\main\main_tab2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\main\main_tab1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\main\icon_expand.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\main\icon_combin.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\pb_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\pb.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\file_icon_start.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_bar_item_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\file_icon_recived.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\file_icon_pause.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\file_icon_del.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\file_icon_alert.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\title.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_viewshare.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\filetransui\icon_view.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\bg_white.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remotefile\icon_home.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remotefile\icon_delfolder.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remotefile\icon_delete.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_toolbar_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_unlock.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_setting.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_sendfile.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_sendfile.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_bar_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_exitfullscreen.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_close.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_chat.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\notify\popmsg_close.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\notify\popmsg_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_separator.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_select.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remote\remote_icon_fullscreen.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\menu\menu_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_right.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_remote.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_jumpwnd.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_info_32.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\machine_picture.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\logo_32.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_sys_state_24.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_sys_state_16.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_search.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_refresh.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\bg_white_center.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\menu_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_info_2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_info.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_delete.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_combin_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_btn.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\common_wnd_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\common_btn_flat.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\icon_man.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\remotefile\icon_refresh.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\popmsg_arrow.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\pub_tab_2.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\popmsg_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_combinwnd.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_chat.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon_addpeople.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\icon.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contactlist_iconline.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contactlist_bg_top.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\pub_tab_1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contactlist_bg_bottom.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\main_picture.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contactlist_bg1.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contact-list-top.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\window_toolbar_bg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\usrstate_round.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\receive_img.gif
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\common\put_btn_bkg.png
%ProgramFiles(x86)%\stvncmanager\stremotelibrary\skin\images\contactor\contactlist_bg_2.png
%ALLUSERSPROFILE%\1101 mini xt files\userlist.xml

Удаляет следующие файлы

%TEMP%\nsw11ad.tmp\nsprocess.dll

Сетевая активность

TCP

Запросы HTTP GET

http://go##.stnts.com/ziphost/downapp/STVncManager/file_config.txt
http://go##.stnts.com/ziphost/downapp/STVncManager/STRemoteLibrary.7z
http://rd###.#tnts.com:1220/reg?v=###############################################################################################################################################################...

'ma#####nc.yileyoo.com':443

'rd###.stnts.com':1222

UDP

DNS ASK re#####ruyi.yileyoo.com
DNS ASK go##.stnts.com
DNS ASK ma#####nc.yileyoo.com
DNS ASK rd###.stnts.com

Другое

Создает и запускает на исполнение

'%ProgramFiles(x86)%\stvncmanager\stvncmanagerlauncher.exe'
'%ProgramFiles(x86)%\stvncmanager\7za.exe' x "TeamViewer.7z" -y -o"./"
'%ProgramFiles(x86)%\stvncmanager\7za.exe' x "STRemoteLibrary.7z" -y -o"./"
'%ProgramFiles(x86)%\stvncmanager\stvncmanager.exe' -k:F08D9C16
'%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtservice.exe' -service
'%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xt.exe' -service_run
'%ProgramFiles(x86)%\stvncmanager\stremotelibrary\bin\xtui.exe' -service_run
'%ProgramFiles(x86)%\stvncmanager\7za.exe' x "TeamViewer.7z" -y -o"./"' (со скрытым окном)
'%ProgramFiles(x86)%\stvncmanager\7za.exe' x "STRemoteLibrary.7z" -y -o"./"' (со скрытым окном)

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней