Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run] '360safetray' = '%WINDIR%\system\svhost.exe'
- '%WINDIR%\system\svhost.exe'
- '<SYSTEM32>\net1.exe' start lanmanserver
- '<SYSTEM32>\net1.exe' start lanmanworkstation
- '<SYSTEM32>\net1.exe' start Browser
- '<SYSTEM32>\taskkill.exe' /im svhost.exe /f
- '<SYSTEM32>\cacls.exe' <DRIVERS>\etc\hosts
- %WINDIR%\Fonts\lfna.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\b[1].jpg
- %WINDIR%\system\svhost.exe
- <DRIVERS>\etc\hosts
- 'b.##akd.com':80
- 'localhost':1035
- b.##akd.com/b.jpg
- DNS ASK b.##akd.com
- ClassName: '(null)' WindowName: '(null)'