Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'C:\zv\NpRmtC\Remote.exe' = 'C:\zv\NpRmtC\Remote.exe:*:Enabled:NpRemote...
- 'C:\zv\NpRmtC\Remote.exe' -kill
- C:\zv\NpRmtC\NpRemoteLog.dll
- C:\zv\NpRmtC\MSRC4Plugin.dsm
- C:\zv\NpRmtC\rc4.key
- %TEMP%\drv.zip
- C:\zv\NpRmtC\settings.ini
- C:\zv\RemoteC.log
- C:\zv\NPRS.BIN
- C:\zv\NpRmtC\Remote.exe
- C:\zv\NpRmtC.zip
- C:\zv\NpRmtC.zip
- '17#.#32.111.50':80
- 'localhost':1039
- '50.##.217.203':80
- http://17#.#32.111.50/driver/xp/xp.zip
- http://50.##.217.203/NPRS.bin
- ClassName: 'WinVNC Tray Icon' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''