Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = 'C:\ProgramData\Windows\WindowsUpdate\Windows Update.lnk'
- 'C:\ProgramData\Windows\WindowsUpdate\rundll32.exe'
- C:\ProgramData\Windows\WindowsUpdate\poclbm130302.cl
- C:\ProgramData\Windows\WindowsUpdate\poclbm.exe
- C:\ProgramData\Windows\WindowsUpdate\phatk121016.cl
- C:\ProgramData\Windows\WindowsUpdate\scrypt130511.cl
- C:\ProgramData\Windows\WindowsUpdate\libpdcurses.dll
- C:\ProgramData\Windows\WindowsUpdate\pthreadGC2.dll
- C:\ProgramData\Windows\WindowsUpdate\ssleay32.dll
- C:\ProgramData\Windows\WindowsUpdate\diablo130302.cl
- C:\ProgramData\Windows\WindowsUpdate\Windows Update.lnk
- C:\ProgramData\Windows\WindowsUpdate\rundll32.exe
- C:\ProgramData\Windows\WindowsUpdate\diakgcn121016.cl
- C:\ProgramData\Windows\WindowsUpdate\libidn-11.dll
- C:\ProgramData\Windows\WindowsUpdate\libeay32.dll
- C:\ProgramData\Windows\WindowsUpdate\libcurl.dll
- 'www.yo##ube.com':80
- 'wp#d':80
- www.yo##ube.com/
- wp#d/wpad.dat
- DNS ASK www.yo##ube.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'