Техническая информация
- <SYSTEM32>\reg.exe import "%WINDIR%/help/Tours/nnTour/111.reg
- %WINDIR%\regedit.exe /s "%WINDIR%/help/Tours/nnTour/111.reg
- <SYSTEM32>\reg.exe delete "HKEY_LOCAL_MACHINE\SYSTEM\RAdmin" /f
- <SYSTEM32>\netsh.exe firewall add portopening protocol = TCP port = 4889 name = TCP
- <SYSTEM32>\reg.exe export "HKEY_LOCAL_MACHINE\SYSTEM\RAdmin" 123.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\58746[1].gif
- %TEMP%\~1.bat
- %TEMP%\~1.bat
- %TEMP%\~1.bat
- '2i#.ru':80
- 'localhost':1036
- 2i#.ru/member_photo/58746.gif
- DNS ASK 2i#.ru
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''