Техническая информация
- <SYSTEM32>\net.exe stop SharedAccess
- <SYSTEM32>\net.exe stop wscsvc
- <SYSTEM32>\net.exe stop Alerter
- <SYSTEM32>\net1.exe stop SharedAccess
- <SYSTEM32>\net1.exe stop wscsvc
- <SYSTEM32>\net1.exe stop Alerter
- <SYSTEM32>\sc.exe config SharedAccess start= disabled
- <SYSTEM32>\sc.exe stop wscsvc
- <SYSTEM32>\sc.exe config Alerter start= disabled
- <SYSTEM32>\sc.exe stop Alerter
- <SYSTEM32>\sc.exe stop SharedAccess
- <SYSTEM32>\sc.exe config wscsvc start= disabled
- <SYSTEM32>\netsh.exe firewall add allowedprogram "<Полный путь к вирусу>" Rede
- C:\w.exe
- 'ad####d.no-ip.biz':8080
- 'www.zh###uko.com':80
- www.zh###uko.com/add.php
- DNS ASK ad####d.no-ip.biz
- DNS ASK www.zh###uko.com
- ClassName: 'Shell_TrayWnd' WindowName: ''