Technical information
- %TEMP%\cmdinst.exe /VERYSILENT
- %PROGRAM_FILES%\InetGet2\MTE3MTk6ODoxNg.exe child
- %PROGRAM_FILES%\InetGet2\MTE3MTk6ODoxNg.exe
- %TEMP%\cmdinst.exe (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\installer[1].php
- %TEMP%\cmdinst.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\checkin[1].php
- %TEMP%\nsp2.tmp
- %TEMP%\nsf3.tmp\System.dll
- %PROGRAM_FILES%\InetGet2\MTE3MTk6ODoxNg.exe
- 'cs#.#dservs.com':80
- 'co####d.adservs.com':80
- cs#.#dservs.com/checkin.php?af##############################
- co####d.adservs.com/binaries/installer.php?a=##############
- DNS ASK cs#.#dservs.com
- DNS ASK co####d.adservs.com