Техническая информация
Записи автозапуска в реестре (ветка Run и параметр Shell в Winlogon):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update Check' = '\Win Update\update64.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update Check' = '%APPDATA%\Win Update\update64.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '"%APPDATA%\Win update\4Wy3oo7j5r1k.exe",explorer.exe'
Командные строки процессов:
- '<SYSTEM32>\ping.exe' -n 1 -w 1000 www.pi###orm.com
- '%TEMP%\nsn3.tmp\ns4.tmp' ping -n 1 -w 1000 www.pi###orm.com
- '%TEMP%\8AcuLQQLccFogudm.exe'
Файлы, затронутые в файловой системе (тип операции на странице не указан):
- C:\Win Update\update64.exe
- %APPDATA%\Win update\update64.exe
- %APPDATA%\Imminent\Path.dat
- %APPDATA%\Imminent\Logs\31-07-2017
- %TEMP%\8AcuLQQLccFogudm.exe
- %APPDATA%\Win update\4Wy3oo7j5r1k.exe
- %TEMP%\nsi2.tmp
- %TEMP%\7yjCnObqw68dG7js
- %APPDATA%\Win update\4Wy3oo7j5r1k.exe
- %TEMP%\nsn3.tmp\ns4.tmp
Сетевая активность (адреса в виде хост:порт и DNS-запросы; в именах часть символов заменена на #):
- 'www.pi###orm.com':443
- '11#.#uckdns.org':9003
- DNS ASK www.pi###orm.com
- DNS ASK 11#.#uckdns.org
Имена классов окон:
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''