Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update watcher' = '%APPDATA%\Microsoft\UpdateWatcher.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 428
- '%APPDATA%\Microsoft\UpdateWatcher.exe'
- %TEMP%\1DE26.dmp
- %TEMP%\dw.log
- %APPDATA%\Microsoft\UpdateWatcher.exe
- 'ir#.##eenode.net':6667
- DNS ASK ir#.##eenode.net
- ClassName: 'Shell_TrayWnd' WindowName: ''