Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\installer\profile\deviceindex.exe,'
- '<SYSTEM32>\reg.exe' add "hklm\software\microsoft\windows nt\currentversion\winlogon" /v Userinit /t reg_sz /d <SYSTEM32>\userinit.exe,%WINDIR%\installer\profile\deviceindex.exe, /f
- '<SYSTEM32>\reg.exe' delete hklm\system\lastknowngoodrecovery /f
- '<SYSTEM32>\reg.exe' delete hklm\system\currentcontrolset\control\safeboot\network\{4d36e96b-e325-11ce-bfc1-08002be10318} /f
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram %WINDIR%\inf\servicepack\index\svchost.exe "Generic Host Process for Win32 Services" enable
- '<SYSTEM32>\attrib.exe' +r +h +s %WINDIR%\installer\profile
- '<SYSTEM32>\attrib.exe' +r +h +s %WINDIR%\inf\servicepack\index
- '<SYSTEM32>\attrib.exe' +r +h +s %WINDIR%\inf\servicepack
- %WINDIR%\Installer\Profile\deviceindex.exe
- %TEMP%\~1.bat
- %TEMP%\~1.bat