Техническая информация
- <SYSTEM32>\wermgr.exe
- <SYSTEM32>\cmd.exe
- %ProgramFiles%\unp\logs\updatenotificationpipeline.001.etl в %ProgramFiles%\unp\logs\updatenotificationpipeline.002.etl
- %ProgramFiles%\UNP\Logs\UpdateNotificationPipeline.001.etl
- http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?79##############
- http://ch#####.amazonaws.com/
- '12#.#01.76.252':443
- DNS ASK ch#####.amazonaws.com
- DNS ASK 19#.###.#11.95.zen.spamhaus.org
- DNS ASK 19#.###.#11.95.cbl.abuseat.org
- DNS ASK 19#.###.###.95.b.barracudacentral.org
- '<SYSTEM32>\sc.exe' start wuauserv
- '<SYSTEM32>\apphostregistrationverifier.exe'
- '<SYSTEM32>\wermgr.exe'