Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Windows Update.lnk
- '%APPDATA%\Windows\wuapp.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\cmd.exe' /c "%TEMP%\selfRemoval.bat"
- %TEMP%\selfRemoval.bat
- %APPDATA%\Windows\wuapp.exe
- 'ad#####ader.ddns.net':443
- 'www.wi###edia.org':80
- www.wi###edia.org/
- DNS ASK ad#####ader.ddns.net
- DNS ASK www.wi###edia.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'WinsUpsCls' WindowName: 'WinsUpsCls'