Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Messenger] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\RemoteAccess] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\AudioSrv] 'Start' = '00000002'
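- [<HKLM>\SYSTEM\ControlSet001\Services\HidServ] 'Start' = '00000002'
  (Значение 'Start' = 2 в перечисленных выше ключах соответствует автоматическому запуску службы при загрузке системы.)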
- '%TEMP%\360safe\`КИСЄЯB“ф.exe' <Полный путь к вирусу> -s<Полный путь к вирусу>
- '%PROGRAM_FILES%\360\360sd\360nzp.exe' <Полный путь к вирусу> -s<Полный путь к вирусу>
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\temp.bat" "
- %PROGRAM_FILES%\360\360sd\dxseenims
- %PROGRAM_FILES%\360\360sd\jpyrjdvtsi
- %PROGRAM_FILES%\360\360sd\jpyrjdvts
- %PROGRAM_FILES%\360\360sd\lqmrymkhxh
- %PROGRAM_FILES%\360\360sd\lqmrymkhx
- %PROGRAM_FILES%\360\360sd\dxseenimsq
- %TEMP%\temp.bat
- %PROGRAM_FILES%\360\360sd\360nzp.exe
- %TEMP%\360safe\`КИСЄЯB“ф.exe
- %PROGRAM_FILES%\360\360sd\wuirpyhuol
- %TEMP%\ocubmsonei.dat
- %PROGRAM_FILES%\360\360sd\wuirpyhuo
- %PROGRAM_FILES%\360\360sd\dxseenimsq
- %PROGRAM_FILES%\360\360sd\dxseenims
- %PROGRAM_FILES%\360\360sd\lqmrymkhxh
- %PROGRAM_FILES%\360\360sd\lqmrymkhx
- %PROGRAM_FILES%\360\360sd\wuirpyhuol
- %PROGRAM_FILES%\360\360sd\wuirpyhuo
- %PROGRAM_FILES%\360\360sd\jpyrjdvtsi
- %PROGRAM_FILES%\360\360sd\jpyrjdvts
- %TEMP%\ocubmsonei.dat в %PROGRAM_FILES%\Tencent\%SESSIONNAME%\jhlsw.xm
- %PROGRAM_FILES%\360\360sd\360nzp.exe в %PROGRAM_FILES%\360\360sd\360
- ClassName: 'Shell_TrayWnd' WindowName: ''