Техническая информация
- [\REGISTRY\USER\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] 'WSUSUpdate' = '%APPDATA%\Mozilla\WSUSUpdate\wsusupdate.exe'
- [\REGISTRY\USER\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] 'WSUSUpdate' = '%APPDATA%\Mozilla\WSUSUpdate\wsusupdate.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WSUSUpdate' = '%APPDATA%\Mozilla\WSUSUpdate\wsusupdate.exe'
- %APPDATA%\Mozilla\WSUSUpdate\wsusupdate.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonZoneCrossing' = '00000000'
- %TEMP%\dmqnickq.png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\xml[1]
- %APPDATA%\Mozilla\WSUSUpdate\wsusupdate.dll
- %APPDATA%\Mozilla\WSUSUpdate\wsusupdate.exe
- %TEMP%\dmqnickq.png
- '21#.#74.137.85':80
- 21#.#74.137.85/xml?a=################
- DNS ASK nt#.#asa.gov
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''