Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\DHCPServer] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%WINDIR%\drivers\services.exe' = '%WINDIR%\drivers\services.exe:*:Enabled:Server'
- %WINDIR%\drivers\services.exe /install auto
- %WINDIR%\drivers\services.exe /start
- %WINDIR%\drivers\services.exe
- %WINDIR%\drivers\services.exe /adminport 14147
- %WINDIR%\drivers\services.exe /servicename DHCPServer
- %WINDIR%\drivers\services.exe /servicedisplayname DHCPServer
- <SYSTEM32>\ntvdm.exe -f -i1 -w -a <SYSTEM32>\krnl386.exe
- <SYSTEM32>\netsh.exe firewall add allowedprogram "%SYSTEMROOT%\drivers\services.exe" "Server" ENABLE
- %WINDIR%\drivers\system32\sapfile.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %WINDIR%\drivers\services.exe
- %WINDIR%\drivers\FileZilla Server.xml
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- %TEMP%\$inst\temp_0.tmp
- ClassName: 'WOWFaxClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''