Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\GoogleUpdaterService] 'Start' = '00000002'
- %PROGRAM_FILES%\Google\GoogleUpdaterService.exe (загружен из сети Интернет)
- <SYSTEM32>\sc.exe create GoogleUpdaterService binPath= "%PROGRAM_FILES%\Google\GoogleUpdaterService.exe" type= own start= auto
- <SYSTEM32>\sc.exe delete GoogleUpdaterService
- <SYSTEM32>\sc.exe stop GoogleUpdaterService
- %PROGRAM_FILES%\Google\000207a7.exe
- '1d###.63810.com':80
- 1d###.63810.com/update/a11.exe
- DNS ASK 1d###.63810.com