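Техническая информация
Примечание: символ # в сетевых адресах и именах узлов ниже заменяет скрытые символы (маскировка в отчёте); такие значения неполны и не подходят для точного сопоставления как индикаторы.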
Автозапуск — значение в ключе реестра Run текущего пользователя:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'exexc10' = '%TEMP%\RarSFX0\a\sppsvd.exe '
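Командные строки процессов (smss.exe здесь запускается из %TEMP%, а не из <SYSTEM32>; команда reg.exe delete ниже удаляет ключ Run пользователя целиком):
- '<SYSTEM32>\wscript.exe' "%TEMP%\RarSFX0\0.vbs"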
- '%TEMP%\RarSFX1\smss.exe'
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v exexc10 /t REG_SZ /d "%TEMP%\RarSFX0\a\sppsvd.exe
- '<SYSTEM32>\taskkill.exe' /im smss.exe /f
- '<SYSTEM32>\reg.exe' delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f
- '%TEMP%\RarSFX0\0.exe' /start
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\1.bat" /start"
- '%TEMP%\RarSFX0\a\sppsvd.exe' /start
Пути к файлам (кэш Internet Explorer и каталоги %TEMP%\RarSFX*):
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m88games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m83games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m207games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m344games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m364games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m103games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m183games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m203games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m163games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m123games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m143games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m324games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m304games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m324games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m284games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m244games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m264games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m344games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m284games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m304games[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m264games[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m364games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m207games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m226games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m300games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m259games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m280games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m368games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m216games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m320games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m379games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m266games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m380games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m340games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m360games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m348games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m175games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m215games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m155games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m115games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m135games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m195games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m308games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m328games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m288games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m388games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m268games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m92games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m113games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m236games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m208games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m188games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m133games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m213games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m384games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m193games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m153games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m173games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m168games[1]
- %TEMP%\RarSFX0\a\sppsvd.exe
- %TEMP%\RarSFX1\Interop.SHDocVw.dll
- %TEMP%\RarSFX0\1.bat
- %TEMP%\RarSFX0\0.exe
- %TEMP%\RarSFX0\0.vbs
- %TEMP%\RarSFX1\smss.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m128games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m148games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m108games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m61games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m88games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m242games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m89games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m110games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m370games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m355games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m375games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m150games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m210games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m239games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m190games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m130games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m170games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m335games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m322games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m342games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m302games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m262games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m282games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m362games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\m295games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\m315games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m275games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\m204games[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\m255games[1]
- %TEMP%\RarSFX0\0.exe
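Сетевые соединения (узел:порт); google.com и wp#d (по-видимому, WPAD — ср. wpad.dat ниже) сами по себе не являются индикаторами:
- 'localhost':1044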
- '74.##5.232.51':80
- 'wp#d':80
- 'ku##er.com':80
URL HTTP-запросов:
- http://ku##er.com/m163games/?
- http://ku##er.com/m183games/?
- http://ku##er.com/m143games/?
- http://ku##er.com/m103games/?
- http://ku##er.com/m123games/?
- http://ku##er.com/m135games/?
- http://ku##er.com/m155games/?
- http://ku##er.com/m115games/?
- http://ku##er.com/m203games/?
- http://ku##er.com/m226games/?
- http://ku##er.com/m83games/?
- http://ku##er.com/m264games/?
- http://ku##er.com/m284games/?
- http://ku##er.com/m244games/?
- http://ku##er.com/m210games/?
- http://ku##er.com/m239games/?
- http://ku##er.com/m364games/?
- http://ku##er.com/m207games/?
- http://ku##er.com/m344games/?
- http://ku##er.com/m304games/?
- http://ku##er.com/m324games/?
- http://ku##er.com/m175games/?
- http://ku##er.com/m340games/?
- http://ku##er.com/m360games/?
- http://ku##er.com/m320games/?
- http://ku##er.com/m300games/?
- http://ku##er.com/m259games/?
- http://ku##er.com/m286games/?
- http://ku##er.com/m306games/?
- http://ku##er.com/m266games/?
- http://ku##er.com/m380games/?
- http://ku##er.com/m379games/?
- http://ku##er.com/m280games/?
- http://ku##er.com/m268games/?
- http://ku##er.com/m288games/?
- http://ku##er.com/m388games/?
- http://ku##er.com/m215games/?
- http://ku##er.com/m195games/?
- http://ku##er.com/m368games/?
- http://ku##er.com/m216games/?
- http://ku##er.com/m348games/?
- http://ku##er.com/m308games/?
- http://ku##er.com/m328games/?
- http://ku##er.com/m190games/?
- http://ku##er.com/m92games/?
- http://ku##er.com/m113games/?
- http://ku##er.com/m236games/?
- http://ku##er.com/m208games/?
- http://ku##er.com/m188games/?
- http://ku##er.com/m193games/?
- http://ku##er.com/m213games/?
- http://ku##er.com/m173games/?
- http://ku##er.com/m133games/?
- http://ku##er.com/m153games/?
- http://ku##er.com/m168games/?
- http://ku##er.com/advnew/tdv17.txt
- http://google.com/ via 74.##5.232.51
- http://ku##er.com/advnew/d01.txt
- http://11#.#11.111.1/wpad.dat via wp#d
- http://ku##er.com/advnew/tdvt15.txt
- http://ku##er.com/m128games/?
- http://ku##er.com/m148games/?
- http://ku##er.com/m108games/?
- http://ku##er.com/m61games/?
- http://ku##er.com/m88games/?
- http://ku##er.com/m384games/?
- http://ku##er.com/m375games/?
- http://ku##er.com/m370games/?
- http://ku##er.com/m355games/?
- http://ku##er.com/m315games/?
- http://ku##er.com/m335games/?
- http://ku##er.com/m130games/?
- http://ku##er.com/m170games/?
- http://ku##er.com/m150games/?
- http://ku##er.com/m89games/?
- http://ku##er.com/m110games/?
- http://ku##er.com/m295games/?
- http://ku##er.com/m302games/?
- http://ku##er.com/m322games/?
- http://ku##er.com/m282games/?
- http://ku##er.com/m242games/?
- http://ku##er.com/m262games/?
- http://ku##er.com/m255games/?
- http://ku##er.com/m275games/?
- http://ku##er.com/m204games/?
- http://ku##er.com/m342games/?
- http://ku##er.com/m362games/?
- DNS ASK google.com
- DNS ASK ku##er.com
- DNS ASK wp#d
Окна (имя класса и заголовок):
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''