Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\IKEEXT] 'Start' = '00000002'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- '<SYSTEM32>\net.exe' stop ôSecurity Centerö
- '<SYSTEM32>\netsh.exe' firewall set opmode mode=disable
- '<SYSTEM32>\net.exe' stop "ZoneAlarm"
- '<SYSTEM32>\net.exe' stop "Sygate Personal Firewall Pro"
- '<SYSTEM32>\net.exe' STOP "Trend Micro Personal Firewall"
- '<SYSTEM32>\net.exe' stop "PC-cillin Personal Firewall"
- '<SYSTEM32>\net.exe' stop "Sygate Personal Firewall"
- '<SYSTEM32>\net.exe' stop "Kaspersky Anti-Virus Service"
- %TEMP%\a43912.bat
- %TEMP%\a43912.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\a43912.bat "<Полный путь к файлу>"' (со скрытым окном)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\a43912.bat "<Полный путь к файлу>"
- '<SYSTEM32>\net1.exe' stop ôSecurity Centerö
- '<SYSTEM32>\net1.exe' stop "ZoneAlarm"
- '<SYSTEM32>\net1.exe' stop "Sygate Personal Firewall Pro"
- '<SYSTEM32>\net1.exe' STOP "Trend Micro Personal Firewall"
- '<SYSTEM32>\net1.exe' stop "PC-cillin Personal Firewall"
- '<SYSTEM32>\net1.exe' stop "Sygate Personal Firewall"
- '<SYSTEM32>\net1.exe' stop "Kaspersky Anti-Virus Service"