Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] 'DisableNotifications' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '<SYSTEM32>\sessmgr.exe' = '<SYSTEM32>\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\sessmgr.exe' = '<SYSTEM32>\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019'
- <SYSTEM32>\netsh.exe firewall set notifications mode =disable profile = All
- <SYSTEM32>\netsh.exe firewall set opmode mode =disable interface = "Local Area Connection"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\kill.bat" "
- <SYSTEM32>\netsh.exe firewall set opmode mode =disable exceptions = disable
- %TEMP%\tmp2.tmp
- %TEMP%\1.tmp\kill.bat
- %TEMP%\1.tmp\kill.bat
- %TEMP%\tmp2.tmp
- 'localhost':1045
- 'localhost':1044
- '23#.#55.255.250':1900