Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<SYSTEM32>\ftp.exe' = '<SYSTEM32>\ftp.exe:*:Enabled:Protecciєn contra Virus y Amenazas'
- <SYSTEM32>\netsh.exe firewall set allowedprogram "<SYSTEM32>\ftp.exe" "Protecciєn contra Virus y Amenazas" ENABLE
- <SYSTEM32>\ftp.exe -s:<SYSTEM32>\DirectX9\dfshell.dll
- <SYSTEM32>\wscript.exe "DirectX9.vbs" "paz2.bat"
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\paz2.bat" "
- <SYSTEM32>\DirectX9.vbs
- <SYSTEM32>\DirectX9\dfshell.dll
- <SYSTEM32>\DirectX9.bat
- <SYSTEM32>\paz2.bat
- <SYSTEM32>\DirectX9\dfshell.dll
- 'ju####s.site50.net':21
- 'localhost':1036
- DNS ASK ju####s.site50.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''