Техническая информация
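- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe, "%APPDATA%\Google\updater.exe"' (закрепление в системе: указанный в параметре 'shell' файл updater.exe запускается вместе с explorer.exe при входе этого пользователя в систему)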
- tmp3886.tmp.exe
- %TEMP%\tmp2f3f.tmp.exe
- %TEMP%\tmp3886.tmp.exe
- %TEMP%\tmp3962.tmp.exe
- %APPDATA%\google\updater.exe
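- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357 (обе записи cryptneturlcache относятся к служебному кэшу Windows для загружаемых по сети сертификатов и списков отзыва; сами по себе они не указывают на заражение)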
- %APPDATA%\google\updater.exe
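- 'ip###ger.org':443 (символы # здесь и в DNS-запросах ниже, по-видимому, скрывают часть имени домена; в таком виде записи нельзя использовать как готовые индикаторы)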
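- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt (адрес корневого сертификата на сайте Microsoft; обращение к нему само по себе не является признаком заражения)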
- DNS ASK av#.online
- DNS ASK ma##r.info
- DNS ASK ip###ger.org
- '%TEMP%\tmp2f3f.tmp.exe'
- '%TEMP%\tmp3886.tmp.exe'
- '%TEMP%\tmp3962.tmp.exe'
- '%APPDATA%\google\updater.exe'