Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\360safeКµК±±Ј»¤№¦ДЬДЈїй] 'Start' = '00000002'
- '%WINDIR%\360tray.exe'
- '%WINDIR%\Temp\1.exe'
- '%WINDIR%\Temp\623.exe'
- '<SYSTEM32>\ping.exe' 127.0.0.1
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\61642520.BAT
- '%WINDIR%\regedit.exe' /s c:\shit.reg
- '<SYSTEM32>\wscript.exe' "%WINDIR%\temp\1.vbs"
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\temp\1.bat" "
- C:\shit.reg
- %WINDIR%\360tray.exe
- %WINDIR%\61642520.BAT
- %WINDIR%\Temp\623.exe
- %WINDIR%\Temp\1.bat
- %WINDIR%\Temp\1.exe
- %WINDIR%\Temp\1.vbs
- %WINDIR%\360tray.exe
- %WINDIR%\Temp\623.exe
- %WINDIR%\Temp\Perflib_Perfdata_7e8.dat
- %WINDIR%\Temp\1.vbs
- C:\shit.reg
- %WINDIR%\Temp\1.exe
- 'wm###e.3322.org':8000
- DNS ASK wm###e.3322.org
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''