Техническая информация
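Изменения в реестре, затрагивающие брандмауэр Windows (значение 'EnableFirewall' = 0 отключает брандмауэр для стандартного профиля):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'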
Командные строки процессов (taskkill с ключом /f — принудительное завершение перечисленных процессов; netsh — отключение брандмауэра Windows):
- '<SYSTEM32>\taskkill.exe' /im lsnes.exe /f
- '<SYSTEM32>\taskkill.exe' /im p2p.exe /f
- '<SYSTEM32>\taskkill.exe' /im t.exe /f
- '<SYSTEM32>\taskkill.exe' /im shost.exe /f
- '<SYSTEM32>\cmd.exe' /c ""c:\rm\kill.bat" "
- '<SYSTEM32>\netsh.exe' firewall set opmode disable
- '<SYSTEM32>\taskkill.exe' /im ekan.exe /f
- C:\az.exe
- %TEMP%\$inst\0001.tmp
- C:\rm\kill.bat
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\0001.tmp
- %TEMP%\$inst\temp_0.tmp
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''