Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\zonelibm32] 'Start' = '00000002'
- '<SYSTEM32>\ntvdm.exe' -f -i1
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 25 DNS ENABLE ALL
- '<SYSTEM32>\netsh.exe' firewall add portopening TCP 1750 messenger ENABLE ALL
- %TEMP%\e574413e.exe
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\scs2.tmp
- <SYSTEM32>\a312d5d4.dll
- <SYSTEM32>\9b5a2663.dll
- <SYSTEM32>\zonelibm32.dll
- <SYSTEM32>\56e52ce8.dll
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-c80.c84.3a0006'