Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'sidebar' = '%APPDATA%\Roaming\Sample.lnk'
- %APPDATA%\Roaming\Sample.lnk
- %APPDATA%\Roaming\EZaj\wnsupd.exe
- %APPDATA%\Roaming\010112.txt
- %TEMP%\TarB647.tmp
- %TEMP%\CabB5C7.tmp
- %TEMP%\TarB5C8.tmp
- %TEMP%\CabB646.tmp
- %TEMP%\CabB646.tmp
- %TEMP%\TarB647.tmp
- %TEMP%\CabB5C7.tmp
- %TEMP%\TarB5C8.tmp
- 'www.download.windowsupdate.com':80
- www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
- DNS ASK www.download.windowsupdate.com