Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\batchfile.bat
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- <SYSTEM32>\net1.exe stop "security center"
- <SYSTEM32>\attrib.exe +h "%TEMP%\1.tmp\batchfile.bat"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\selfdel0.bat" "
- <SYSTEM32>\net.exe stop "security center"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\batchfile.bat" "
- <SYSTEM32>\net1.exe user %USERNAME% *abcde1
- <SYSTEM32>\netsh.exe firewall set opmode mode=disable
- %TEMP%\selfdel0.bat
- %TEMP%\1.tmp\batchfile.bat
- %TEMP%\1.tmp\batchfile.bat
- %TEMP%\1.tmp\batchfile.bat