Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WindowsUpdate' = '"%APPDATA%\Microsoft\Windows\WindowsUpdate\wscntft.exe"'
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CRNJEUFU-680f[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CRNJEUFU-680f[1]
- %APPDATA%\Microsoft\Windows\WindowsUpdate\wscntft.dll
- %APPDATA%\Microsoft\Windows\WindowsUpdate\wscntft.exe
- '12#.#54.110.117':8080
- '12#.#54.110.117':443
- '12#.#54.110.117':80
- 'dm##.#kypetm.com.tw':8080
- 'dm##.#kypetm.com.tw':443
- 'dm##.#kypetm.com.tw':80
- 12#.#54.110.117/FC001/CRNJEUFU-680f
- dm##.#kypetm.com.tw/FC001/CRNJEUFU-680f
- DNS ASK dm##.#kypetm.com.tw
- ClassName: 'Progman' WindowName: ''
- ClassName: 'Indicator' WindowName: ''