Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'System.' = '%ALLUSERSPROFILE%\WindowsUpdate\System\Isass.exe'
- '%ALLUSERSPROFILE%\WindowsUpdate\System\Isass.exe'
- '<SYSTEM32>\reg.exe' ADD \\.\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v System. /t REG_SZ /d "%ALLUSERSPROFILE%\WindowsUpdate\System\Isass.exe" /f
- %ALLUSERSPROFILE%\WindowsUpdate\System\Isass.exe
- %TEMP%\System\Configurations.ini
- %ALLUSERSPROFILE%\WindowsUpdate\System\Isass.exe
- 'xm###tasite.com':80
- DNS ASK xm###tasite.com