Техническая информация
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\.IgHiJkLiO
- %APPDATA%\Windoows Update\aSSSSS.xml
- %APPDATA%\Windoows Update\Windoows Update.exe
- <SYSTEM32>\.IgHiJkLiO
- %APPDATA%\Windoows Update\aSSSSS.xml
- 'be####us.ns1.name':8080
- 'wp#d':80
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK be####us.ns1.name
- DNS ASK wp#d
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\schtasks.exe' /Create /TN "Windoows Update\Windoows Update" /XML "%APPDATA%\Windoows Update\aSSSSS.xml"