Техническая информация
- '%TEMP%\tmp627.exe'
- '%TEMP%\tmp51D9.exe'
- '%TEMP%\RarSFX0\cstiming.exe'
- '%TEMP%\SteamUpdate.exe'
- '%TEMP%\csgtimer.exe'
- '%TEMP%\tmp51D9.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c taskkill /f /im steam.exe
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 1000
- '<SYSTEM32>\taskkill.exe' /f /im steam.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\tmp627.bat
- '<SYSTEM32>\cmd.exe' /c start "" "%TMP%\tmp51D9.exe"
- '<SYSTEM32>\cmd.exe' /c start "" "%tmp%\csgtimer.exe"
- '<SYSTEM32>\cmd.exe' /c start "" "%tmp%\SteamUpdate.exe"
- '<SYSTEM32>\cmd.exe' /c start "" "%tmp%\tmp627.exe"
- '<SYSTEM32>\cmd.exe' /c del "%TMP%\csgtimer.exe"
- '<SYSTEM32>\cmd.exe' /C ping 1.1.1.1 -n 1 -w 1000 > Nul & Del "%TEMP%\RarSFX0\cstiming.exe"
- [<HKCU>\Software\Valve\Steam]
- C:\Steam.exe
- <SYSTEM32>\CatRoot\{SETUP-ID-21Z1-88F5-13C08ZC295GJ}.dll
- %TEMP%\tmp627.bat
- %TEMP%\tmp51D9.exe
- %TEMP%\csgtimer.exe
- %TEMP%\SteamUpdate.exe
- %TEMP%\tmp627.exe
- %TEMP%\RarSFX0\cstiming.exe
- %TEMP%\RarSFX0\cstiming.exe
- %TEMP%\tmp627.exe
- %TEMP%\csgtimer.exe
- 'dq####dq.clan.su':80
- 'cs##ckz.cf':80
- http://dq####dq.clan.su/_fr/favicon11.ico
- http://cs##ckz.cf/xcx/bcparams.php
- DNS ASK dq####dq.clan.su
- DNS ASK cs##ckz.cf
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''