Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1201' = '00000000'
- C:\users\public\documents\360apploader.exe
- C:\users\public\documents\360entcall.exe
- C:\users\public\documents\uninst.exe
- C:\users\public\documents\360safe.exe
- C:\users\public\documents\360.exe
- C:\airgd\5661146332371735\aaaaaaaaaaaaaa.bat
- C:\airgd\2097747714074398\aaaaaaaaaaaaaa.chm
- C:\airgd\5661146332371735\aaaaaaaaaaaaaa.bat
- C:\airgd\2097747714074398\aaaaaaaaaaaaaa.chm
- ClassName: 'HH Parent' WindowName: 'HTML Help'
- ClassName: 'CabinetWClass' WindowName: '5661146332371735'
- ClassName: 'CabinetWClass' WindowName: 'C:\AirGD\5661146332371735\'
- ClassName: 'CabinetWClass' WindowName: 'C:\AirGD'
- ClassName: '' WindowName: ''
- ClassName: 'DirectUIHWND' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""C:\AirGD\5661146332371735\AAAAAAAAAAAAAA.bat" "
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0" /v "1201" /d "0" /t REG_DWORD /f