Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ManagementConsole' = '"C:\Users\Public\Cache\Console.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\AeroadminService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\AeroadminService] 'ImagePath' = 'C:\Users\Public\Cache\AeroAdmin.exe w'
- '<Полный путь к файлу>' wind
- '<SYSTEM32>\cmd.exe' /c "sc create "AeroadminService" start= auto binPath= "C:\Users\Public\Cache\AeroAdmin.exe w""
- '<SYSTEM32>\cmd.exe' /c "sc failure "AeroadminService" reset= 0 actions= restart/1000/restart/1000/restart/1000"
- '<SYSTEM32>\cmd.exe' /c "sc config "AeroadminService" depend= Tcpip/AFD"
- '<SYSTEM32>\sc.exe' create "AeroadminService" start= auto binPath= "C:\Users\Public\Cache\AeroAdmin.exe w"
- '<SYSTEM32>\sc.exe' config "AeroadminService" depend= Tcpip/AFD
- '<SYSTEM32>\cmd.exe' /c "<Имя файла>" wind
- '<SYSTEM32>\sc.exe' failure "AeroadminService" reset= 0 actions= restart/1000/restart/1000/restart/1000
- '<SYSTEM32>\cmd.exe' /c "sc start "AeroadminService""
- '<SYSTEM32>\sc.exe' start "AeroadminService"