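Техническая информация
(Подзаголовки разделов в этой копии отчёта не сохранились, поэтому по списку ниже нельзя однозначно определить, какая операция относится к каждой записи; повторяющиеся пути, вероятно, взяты из разных разделов. Символы «#» в именах узлов, по-видимому, являются маскировкой, а не частью адреса, поэтому использовать эти строки как индикаторы в исходном виде нельзя.)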
- '%TEMP%\BundleInstaller.exe' -silent -SIMRB=Guppy -Cargo=CT3321554 -SIMTP="pid=792&cmpid=39518&plcmtid=553948&cveid=1362059" -ConAsto -DID=10820 -revert -SIMSDMURL=http://cd#.####load.sweetpacks.com/simsdm/conduit/SP/bundle/bundlesweetimsetup.exe
- '%TEMP%\BundleInstaller.exe' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\BundleSweetIMSetup[1].exe
- %TEMP%\BundleInstaller.exe
- %TEMP%\nsa2.tmp\ginetc.dll
- %TEMP%\nsa2.tmp\System.dll
- %TEMP%\nsa2.tmp\IpConfig.dll
- %TEMP%\nsa2.tmp\IpConfig.dll
- %TEMP%\nsa2.tmp\System.dll
- %TEMP%\nsa2.tmp\ginetc.dll
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- 'sm###.gmtrack.com':443
- 'i.###rack.com':443
- 'cd#.####load.sweetpacks.com':80
- cd#.####load.sweetpacks.com/simsdm/bing/Agent/BundleSweetIMSetup.exe
- DNS ASK sm###.gmtrack.com
- DNS ASK i.###rack.com
- DNS ASK cd#.####load.sweetpacks.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'