Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\inf\alg.exe' = '%WINDIR%\inf\alg.exe:*:Enabled:WSALG2'
- %WINDIR%\inf\alg.exe (загружен из сети Интернет) /install /silent
- <SYSTEM32>\reg.exe ADD "SYSTEM\CurrentControlSet\Services\WSALG2" /v "FailureActions" /t REG_BINARY /f /d "00000000000000000000000003000000530065000100000060ea00000100000060ea00000100000060ea0000"
- <SYSTEM32>\net1.exe start "Application Layer Gateway Service2"
- <SYSTEM32>\netsh.exe firewall add allowedprogram %WINDIR%\inf\alg.exe WSALG2 ENABLE
- <SYSTEM32>\regsvr32.exe /i /s %WINDIR%\inf\AcroIEHelper.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\2[1].jpg
- %WINDIR%\inf\AcroIEHelper.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\1[1].jpg
- %WINDIR%\inf\alg.exe
- '77.##.240.87':80
- 'localhost':1036
- 77.##.240.87/2.jpg
- 77.##.240.87/1.jpg