Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'tworun' = '<SYSTEM32>\tworun.exe'
- '<SYSTEM32>\cscript.exe' <SYSTEM32>\slmgr.vbs -dli
- '<SYSTEM32>\findstr.exe' /C:"许可证状态"
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 2
- '<SYSTEM32>\powercfg.exe' -change -standby-timeout-ac 0
- '<SYSTEM32>\sc.exe' config TrkWks start= disabled
- '%WINDIR%\regedit.exe' /s <SYSTEM32>\xiubu.reg
- '<SYSTEM32>\powercfg.exe' -change -monitor-timeout-ac 20
- %TEMP%\aut2.tmp
- C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''