Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\r_server] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] 'C:\Radmin-i\r_server.exe' = 'C:\Radmin-i\r_server.exe:*:Enabled:Radmin'
- 'C:\Radmin-i\r_server.exe' /service
- 'C:\Radmin-i\r_server.exe' /start
- 'C:\Radmin-i\r_server.exe' /install /silence
- '%WINDIR%\regedit.exe' /s settings2.reg
- '%WINDIR%\regedit.exe' /s settings3.reg
- '%WINDIR%\regedit.exe' /s settings.reg
- '<SYSTEM32>\cmd.exe' /c ""c:\temp\install.bat" "
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram c:\radmin-i\r_server.exe Radmin enable
- C:\Radmin-i\r_server.exe
- C:\temp\settings3.reg
- C:\Radmin-i\raddrv.dll
- C:\Radmin-i\AdmDll.dll
- C:\temp\settings2.reg
- C:\temp\INSTALL.BAT
- C:\temp\settings.reg
- C:\temp\r_server.exe
- C:\temp\AdmDll.dll
- C:\temp\raddrv.dll
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''