Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'xhrmy' = '%WINDIR%\Xhrmy.exe'
- %WINDIR%\Xhrmy.exe
- <SYSTEM32>\InstaFinder_inst.exe
- <SYSTEM32>\SSK_B5_MVSSK2.EXE
- %WINDIR%\HLInstaller3.exe
- %TEMP%\nsm3.tmp
- <SYSTEM32>\InstaFinder_inst.exe
- %TEMP%\nsr4.tmp\nsisdl.dll
- %TEMP%\InstaFinder_inst.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\post[1].htm
- %TEMP%\i1.tmp
- <SYSTEM32>\SSK_B5_MVSSK2.EXE
- %TEMP%\SskUpdater.exe
- %WINDIR%\Xhrmy.exe
- %WINDIR%\HLInstaller3.exe
- %TEMP%\InstaFinder_inst.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\post[1].htm
- 'www.in###finder.com':80
- 'www.we###tinfo.net':80
- '66.##9.219.199':80
- www.in###finder.com/404/install/InstaFinder.exe
- 66.##9.219.199http://dl.surfsidekick.com/Bundling/SskUpdater4bp5.exe?ve#####################################
- www.we###tinfo.net/post.asp
- DNS ASK www.in###finder.com
- DNS ASK www.we###tinfo.net