Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Google' = '%TEMP%\Googleup.exe'
- %TEMP%\Googleup.exe
- %TEMP%\pinball.exe
- %TEMP%\googleupload.exe
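- %TEMP%\dfhz.exe x "%TEMP%\bxevm.7z" -pieeaomlzpv -o"%TEMP%\" -aoa (судя по параметрам в формате командной строки 7-Zip — распаковка защищённого паролем архива bxevm.7z в %TEMP% с перезаписью существующих файлов)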
- %TEMP%\dlkvgqfn.exe
- %TEMP%\pinball.exe (загружен из сети Интернет)
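- <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Google /t REG_SZ /d "%TEMP%\Googleup.exe" /f (закрепление в системе: создаёт тот же параметр автозапуска 'Google', что приведён в первой строке списка; /f — перезапись без запроса подтверждения)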
- %TEMP%\Googleup.exe
- %TEMP%\nsj5.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\3724fd14.linkbucks[1]
- %TEMP%\pinball.exe
- %TEMP%\googleupload.exe
- %TEMP%\dlkvgqfn.exe
- %TEMP%\nss2.tmp
- %TEMP%\dfhz.exe
- %TEMP%\nso3.tmp\ExecDos.dll
- %TEMP%\bxevm.7z
- %TEMP%\~DF4AB3.tmp
- %TEMP%\nso3.tmp\ExecDos.dll
- 'localhost':1038
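- '37#####4.linkbucks.com':80 (символы # здесь и далее, по-видимому, скрывают часть имени хоста, поэтому для точного сопоставления индикаторов этих значений недостаточно)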
- 'localhost':1035
- 'in#####.cptncorn.com':80
- 37#####4.linkbucks.com/
- in#####.cptncorn.com/installer/zcdownload/163d08489b22fe24ce58ef4ba0943f1575a743b7607287cbc9aeece78d1bf957eeb778d1ef:3da4f40ee652ef29f9b164207ce2bd77/
- DNS ASK 37#####4.linkbucks.com
- DNS ASK in#####.cptncorn.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''