Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'VBundleOuterDL' = '%PROGRAM_FILES%\VBouncer\BundleOuter.EXE'
- '%TEMP%\GLB4.tmp' %PROGRAM_FILES%\VBouncer\BundleOuter.EXE /S4736 %PROGRAM_FILES%\VBouncer\BUNDLE~1.EXE
- '%PROGRAM_FILES%\VBouncer\InstallT.exe' http://in#####.spywarelabs.com/Tracking/Tracking.html
- %TEMP%\GLB4.tmp
- %PROGRAM_FILES%\VBouncer\~GLH0002.TMP
- %TEMP%\GLM6.tmp
- %TEMP%\GLC5.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Tracking[1].html
- %TEMP%\GLK2.tmp
- %TEMP%\GLC1.tmp
- %PROGRAM_FILES%\VBouncer\~GLH0001.TMP
- %PROGRAM_FILES%\VBouncer\~GLH0000.TMP
- %TEMP%\GLC1.tmp
- %TEMP%\GLK2.tmp
- %PROGRAM_FILES%\VBouncer\InstallT.exe
- %PROGRAM_FILES%\VBouncer\~GLH0002.TMP в %PROGRAM_FILES%\VBouncer\BundleOuter.EXE
- %PROGRAM_FILES%\VBouncer\~GLH0001.TMP в %PROGRAM_FILES%\VBouncer\InstallT.exe
- %PROGRAM_FILES%\VBouncer\~GLH0000.TMP в %PROGRAM_FILES%\VBouncer\Setup.INI
- '64.##.214.42':80
- 'in#####.spywarelabs.com':80
- 'localhost':1037
- in#####.spywarelabs.com/Tracking/Tracking.html
- 64.##.214.42/InstCount/InstCount.aspx
- DNS ASK in#####.spywarelabs.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''