Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram <SYSTEM32>\r_server.exe help
- '<SYSTEM32>\netsh.exe' firewall set opmode disable
- '<SYSTEM32>\wscript.exe' "%TEMP%\Myhelptemp.vbs"
- '%WINDIR%\regedit.exe' /s %TEMP%\RarSFX0\radminnt.reg
- '<SYSTEM32>\attrib.exe' <SYSTEM32>\AdmDll.dll +s +r +a +h
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\install RarSFX0.bat" "
- '<SYSTEM32>\attrib.exe' <SYSTEM32>\r_server.exe +s +r +a +h
- '<SYSTEM32>\attrib.exe' <SYSTEM32>\raddrv.dll +s +r +a +h
- %TEMP%\Myhelptemp.vbs
- %TEMP%\1.tmp\install RarSFX0.bat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'