Техническая информация
- '<SYSTEM32>\ftp.exe' -s:d.dat
- '<SYSTEM32>\sc.exe' stop sharedaccess
- '<SYSTEM32>\alg.exe'
- '<SYSTEM32>\sc.exe' start sharedaccess
- '<SYSTEM32>\ntvdm.exe' -f
- '<SYSTEM32>\wscript.exe' "%WINDIR%\winxp.vbs"
- '<SYSTEM32>\ping.exe' -n 3 127.1
- '<SYSTEM32>\ping.exe' -n 1 127.1
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\D.DAT
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\winxp.vbs
- %WINDIR%\winxp.COM
- %WINDIR%\D.DAT
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'www.rt##rt.cn':21
- 'localhost':1036
- DNS ASK www.rt##rt.cn
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b38.b3c.380001'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'