Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000' (исключения брандмауэра Windows разрешены)
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000' (брандмауэр Windows для стандартного профиля отключён)
- '%PROGRAM_FILES%\Windows Media Player\uplo.exe'
- '%PROGRAM_FILES%\Windows Media Player\uplo.exe' (загружен из сети Интернет)
- '<SYSTEM32>\netsh.exe' firewall set opmode disable (команда отключает брандмауэр Windows)
- %PROGRAM_FILES%\Windows Media Player\uplo.exe
- 'pw#####rasil.favcc1.com':80
- pw#####rasil.favcc1.com/server.exe
- DNS ASK pw#####rasil.favcc1.com
- ClassName: 'MS_WINHELP' WindowName: '(null)'