Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\secure] 'Start' = '00000002'
- 'C:\BlueTooth\Devices\winback.exe'
- 'C:\BlueTooth\Devices\BlueTooth.exe'
- 'C:\BlueTooth\Devices\winback.exe' -i
- 'C:\BlueTooth\Devices\BlueTooth.exe' -b install.txt
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 7878 winback.exe enable subnet
- '<SYSTEM32>\attrib.exe' ..\Devices +h
- '<SYSTEM32>\net1.exe' start secure
- '<SYSTEM32>\cmd.exe' /c ""C:\BlueTooth\Devices\start.bat" "
- '<SYSTEM32>\cmd.exe' /c ""C:\BlueTooth\Devices\init.bat" "
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 6667 BlueTooth.exe enable subnet
- C:\BlueTooth\Devices\WinServ.exe
- C:\BlueTooth\Devices\init.bat
- C:\BlueTooth\Devices\S.dll
- C:\BlueTooth\Devices\start.bat
- C:\BlueTooth\Devices\winback.txt
- C:\BlueTooth\Devices\winback.exe
- C:\BlueTooth\Devices\winback.ini
- C:\BlueTooth\Devices\BlueTooth.exe
- C:\BlueTooth\Devices\cygcrypt-0.dll
- C:\BlueTooth\Devices\htdocs\iroffer-state.css
- C:\BlueTooth\Devices\htdocs\robots.txt
- C:\BlueTooth\Devices\L.dll
- C:\BlueTooth\Devices\P.dll
- C:\BlueTooth\Devices\cygwin1.dll
- C:\BlueTooth\Devices\install.txt
- C:\BlueTooth\Devices\S.dll.tmp в C:\BlueTooth\Devices\S.dll
- 'localhost':1047
- 'localhost':1046
- 'localhost':1050
- 'localhost':1049
- 'localhost':1044
- 'localhost':1039
- 'localhost':1038
- 'localhost':1043
- 'ir#.##rmy-army.org':6667
- DNS ASK ir#.##rmy-army.org
- 'localhost':1040
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'