Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TermService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvr] 'Start' = '00000002'
- '<SYSTEM32>\net.exe' start TermService
- '<SYSTEM32>\sc.exe' config TermService start= auto
- '<SYSTEM32>\net1.exe' start tlntsvr
- '<SYSTEM32>\taskkill.exe' /im scvhosts.exe
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\tlntsvrp.dll
- '<SYSTEM32>\net1.exe' start TermService
- '<SYSTEM32>\tlntsvr.exe'
- '<SYSTEM32>\sc.exe' config tlntsvr start= auto
- '<SYSTEM32>\reg.exe' delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D6179C8-17EC-11D1-9AA9-00C04FD8FE93}\InprocServer32 /f
- '<SYSTEM32>\net.exe' localgroup administrators /add
- '<SYSTEM32>\net.exe' user 64068938 /add
- '<SYSTEM32>\net.exe' start tlntsvr
- '<SYSTEM32>\net1.exe' localgroup administrators /add
- '<SYSTEM32>\tlntadmn.exe' config port=28
- '<SYSTEM32>\net1.exe' user 64068938 /add
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''