Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\explore.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- Редактора реестра (RegEdit)
- '<SYSTEM32>\iecomp.exe'
- '<SYSTEM32>\explore.exe'
- '<SYSTEM32>\netstat.exe' -an
- '<SYSTEM32>\net1.exe' user
- '<SYSTEM32>\systeminfo.exe'
- '<SYSTEM32>\ipconfig.exe' /all
- <SYSTEM32>\explore.exe
- <SYSTEM32>\ento.x0x
- <SYSTEM32>\ent0.x0x
- <SYSTEM32>\Msinet.ocx
- <SYSTEM32>\ento.bat
- <SYSTEM32>\iecomp.exe
- <SYSTEM32>\ento.bat
- <SYSTEM32>\Msinet.ocx
- <SYSTEM32>\explore.exe
- <SYSTEM32>\iecomp.exe