Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- <SYSTEM32>\ntvdm.exe -f -i1
- <SYSTEM32>\cmd.exe /c <Текущая директория>\5093.bat
- <SYSTEM32>\svchost.exe
- %WINDIR%\Temp\scs2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\b[1].dat
- C:\smss.exe
- %WINDIR%\Temp\scs1.tmp
- <Текущая директория>\5093.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\a[1].dat
- C:\services.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\a[1].dat
- 'me####s.chello.sk':80
- me####s.chello.sk/j.szakalova/b.dat
- me####s.chello.sk/j.szakalova/a.dat
- DNS ASK me####s.chello.sk
- '<IP-адрес в локальной сети>':1037
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-a00.a04.380001'