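Техническая информация
Примечание: подписи разделов в этом списке не сохранились. По содержимому записи группируются так: командные строки (taskkill и cmd с bat-файлами из %TEMP%); имена процессов — cmd.exe и, судя по именам, антивирусные (AVP*, AVG*); два списка путей к файлам в %PROGRAM_FILES% и %TEMP% (второй повторяет первый без %TEMP%\4e5g.bat; какая операция относится к каждому списку, из текста не видно); сетевые обращения (порт 80, HTTP-пути, DNS-запрос); записи ClassName/WindowName (предположительно, окна, которые ищет образец). Имя домена замаскировано символами ####, поэтому для точного сопоставления оно непригодно. Имена каталога и файлов выглядят случайными и, вероятно, отличаются от образца к образцу, поэтому для обнаружения надёжнее опираться на поведение: принудительное завершение процессов по маске av* и запуск bat-файлов из %TEMP% через cmd.exe.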
- '<SYSTEM32>\taskkill.exe' /F /IM cmd.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\4e5g.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\3Y6V6N.bat
- '<SYSTEM32>\taskkill.exe' /f /t /im av*
- <SYSTEM32>\cmd.exe
- AVPCC.EXE
- AVP32.EXE
- AVSYNMGR.EXE
- AVPM.EXE
- AVP.EXE
- AVGCC32.EXE
- avgcc.exe
- AVP.COM
- AVGCTRL.EXE
- %PROGRAM_FILES%\1B0v5j7j2o\0y3H8A.3e6f2u
- %PROGRAM_FILES%\1B0v5j7j2o\0U3z5w.8b8I2x
- %PROGRAM_FILES%\1B0v5j7j2o\3N4w4r.4t8B8Z
- %TEMP%\4e5g.bat
- %PROGRAM_FILES%\1B0v5j7j2o\7G7i3Z.8B8B5S
- %PROGRAM_FILES%\1B0v5j7j2o\4k3V6P.5d2t3w
- %TEMP%\3Y6V6N.bat
- %PROGRAM_FILES%\1B0v5j7j2o\2J5Z3h.3N1r2g
- %PROGRAM_FILES%\1B0v5j7j2o\0M0Y8e.5g5b3R
- %PROGRAM_FILES%\1B0v5j7j2o\4q7m2v.4E3Y3D
- %PROGRAM_FILES%\1B0v5j7j2o\0y3H8A.3e6f2u
- %PROGRAM_FILES%\1B0v5j7j2o\0U3z5w.8b8I2x
- %PROGRAM_FILES%\1B0v5j7j2o\7G7i3Z.8B8B5S
- %PROGRAM_FILES%\1B0v5j7j2o\3N4w4r.4t8B8Z
- %PROGRAM_FILES%\1B0v5j7j2o\0M0Y8e.5g5b3R
- %PROGRAM_FILES%\1B0v5j7j2o\4k3V6P.5d2t3w
- %TEMP%\3Y6V6N.bat
- %PROGRAM_FILES%\1B0v5j7j2o\4q7m2v.4E3Y3D
- %PROGRAM_FILES%\1B0v5j7j2o\2J5Z3h.3N1r2g
- 'mu####ynfesta.com':80
- mu####ynfesta.com/page1/in3/home3.html
- mu####ynfesta.com/page1/in3/home4.html
- mu####ynfesta.com/page1/in3/home1.html
- mu####ynfesta.com/page1/in3/home_sub_2.html
- DNS ASK mu####ynfesta.com
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'