Техническая информация
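- <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\lsass.exe
  (Примечание: штатный lsass.exe расположен в <SYSTEM32>\lsass.exe; одноимённый файл в каталоге Microsoft\Protect\S-1-5-18\User — маскировка под системный процесс, поэтому при проверке следует сравнивать полный путь образа, а не только имя процесса.)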
- <SYSTEM32>\taskkill.exe /f /im <Имя вируса>.exe
- <SYSTEM32>\ping.exe 127.0.0.1 -n 2
- <SYSTEM32>\ntvdm.exe -f -i1
- <SYSTEM32>\cmd.exe /c %TEMP%\21f84.tmpmlkbat.bat kill
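- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: '' WindowName: 'TRW2000 for Windows 9x'
  (Примечание: эти класс и заголовок окна принадлежат отладчикам OllyDbg и TRW2000; по-видимому, образец ищет такие окна, чтобы обнаружить средства анализа, и в их присутствии его поведение может отличаться от описанного.)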
- %WINDIR%\test.reg
- %WINDIR%\Temp\scs2.tmp
- <Текущая директория>\null
- %TEMP%\21f84.tmpmlkbat
- %WINDIR%\Temp\scs1.tmp
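- %TEMP%\0AA9AA83\$$$$$$$$.{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\ $$$2\com1.{21EC2020-3AEA-1069-A2DD-08002B30309D}\{5C7A4546-6459-4E3C-BE89-E12B3C79E347}
  (Примечание: в пути использованы суффиксы-CLSID системных папок оболочки и зарезервированное имя устройства com1, из-за чего каталог может не открываться и не удаляться обычными средствами Проводника; для проверки и очистки обычно требуется обращение по пути с префиксом \\?\.)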
- <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\ktmm.exe
- <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\weinou.exe
- <Текущая директория>\null
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
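- '98.##6.141.100':2011
  (Примечание: символы ## — по-видимому, маскировка части адреса в исходном отчёте; адрес приведён не полностью и не годится как точный индикатор, однозначно указан только порт 2011.)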
- ClassName: 'ACPU' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-980.984.3a0001'
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: 'TWX2002 for Windows 9x'
- ClassName: '' WindowName: 'RegmonClass'
- ClassName: 'TDeDeMainWindow' WindowName: ''