Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\flashget_93591_1.exe' = '%TEMP%\flashget_93591_1.exe:*:Enabled:fg_ol_setup'
- '%TEMP%\flashget_93591_1.exe'
- '%TEMP%\PPTV(pplive)_forqd507.exe'
- '%TEMP%\avgloader000015.exe'
- '%TEMP%\Loader_forqd507.exe'
- '%TEMP%\download3.exe'
- '%TEMP%\PPTV(pplive)_forqd507.exe' (загружен из сети Интернет)
- %TEMP%\PPTV(pplive)_forqd507.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\PPTV(pplive)_forqd507[1].exe
- %TEMP%\fohpfiqv.exe
- %TEMP%\avgloader\update000015.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\update000015[1].txt
- %TEMP%\Loader_forqd507.exe
- %TEMP%\nsy2.tmp\System.dll
- %TEMP%\download3.exe
- %TEMP%\flashget_93591_1.exe
- %TEMP%\avgloader000015.exe
- %TEMP%\fohpfiqv.exe
- %TEMP%\nsy2.tmp\System.dll
- 'dn#.#wbww.com':80
- 'do#####d.avgsafe.com':80
- 'localhost':1036
- 'do####ad.pplive.com':80
- do#####d.avgsafe.com/config/update000015.txt
- dn#.#wbww.com/images/ld709.txt
- do####ad.pplive.com/PPTV(pplive)_forqd507.exe
- DNS ASK p2#####gji.flashget.com
- DNS ASK s4.##ashget.com
- DNS ASK ol####.flashget.com
- DNS ASK do####ad.pplive.com
- DNS ASK dn#.#wbww.com
- DNS ASK do#####d.avgsafe.com
- 'p2#####gji.flashget.com':5555
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'