Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'CheckData' = 'runmn32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Data' = 'runlib32.exe'
- <SYSTEM32>\reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Data /t REG_SZ /d runlib32.exe /f
- <SYSTEM32>\reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v CheckData /t REG_SZ /d runmn32.exe /f
- <SYSTEM32>\netsh.exe firewall add allowedprogram %WINDIR%\runlib32.exe "Media Player Classic" enable
- <SYSTEM32>\netsh.exe advfirewall firewall add rule name="Media Player Classic" dir=in program="project1.exe" security=authnoencap action=allow
- <SYSTEM32>\netsh.exe advfirewall firewall add rule name="Internet Explorer" dir=in program="%WINDIR%\runlib32.exe" security=authnoencap action=allow
- <SYSTEM32>\netsh.exe firewall add allowedprogram Project1.exe "Internet Explorer" enable
- 'ft#.#arod.ru':21
- DNS ASK ft#.#arod.ru