Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GreenUpdate' = '"%CommonProgramFiles%\GreenSoft\GreenUpdate.exe"'
- '%CommonProgramFiles%\GreenSoft\GreenUpdate.exe' 7#0#<Полный путь к вирусу>#1,0,0,0
- '%CommonProgramFiles%\GreenSoft\GreenUpdate.exe' 9
- '%CommonProgramFiles%\GreenSoft\GreenUpdate.exe' 6#0#0#0#<Полный путь к вирусу>#1,0,0,0
- '%CommonProgramFiles%\GreenSoft\GreenUpdate.tmp.exe' 2#1,0,0,0
- '%CommonProgramFiles%\GreenSoft\GreenUpdate.tmp.exe' 4
- %CommonProgramFiles%\GreenSoft\GreenUpdate.tmp.exe
- %TEMP%\nsc2.tmp
- %CommonProgramFiles%\GreenSoft\GreenUpdate.tmp.exe в %CommonProgramFiles%\GreenSoft\GreenUpdate.exe
- 'pb.##ushpop.com':80
- pb.##ushpop.com/g/gu_a0.gif?gi########################################################################################
- DNS ASK pb.##ushpop.com
- ClassName: '338D03102DDE4e6a8A6835921C828A7C' WindowName: '(null)'