Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft.Exe' = '"%ALLUSERSPROFILE%\server.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft.Exe' = '"%ALLUSERSPROFILE%\server.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\Microsoft.Exe.exe
- '<SYSTEM32>\schtasks.exe' /create /sc minute /mo 10 /tn server /tr %HOMEPATH%\Local Settings\TempMicrosoft.Exe.exe
- '%ALLUSERSPROFILE%\server.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new
- %HOMEPATH%\Local Settings\TempMicrosoft.Exe.exe
- %ALLUSERSPROFILE%\server.exe
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new в %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new в %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
- 'ha#####gaza.ddns.net':7070
- DNS ASK ha#####gaza.ddns.net