Техническая информация
- %WINDIR%\Tasks\davenport-sys.job
- '<SYSTEM32>\net.exe' start schedule
- '<SYSTEM32>\net1.exe' start schedule
- '%ProgramFiles%\Davenport\Updater\1.0\updater.exe' -runmode=addsystask
- '%TEMP%\nsr3.tmp\ns4.tmp' "<SYSTEM32>\cscript.exe" //Nologo "client_zone_id.js" set_client_zoneid "Software\SoftwareRefresher" 3015109 1477780800
- '<SYSTEM32>\cscript.exe' //Nologo "client_zone_id.js" set_client_zoneid "Software\SoftwareRefresher" 3015109 1477780800
- '%TEMP%\nsr3.tmp\ns5.tmp' net.exe start schedule
- %TEMP%\nsr3.tmp\nsExec.dll
- <LS_APPDATA>\Software Refresher\SoftwareDetector.exe
- <LS_APPDATA>\Software Refresher\systeminfo.js
- %TEMP%\nsr3.tmp\ns4.tmp
- %TEMP%\nsr3.tmp\ns5.tmp
- %ProgramFiles%\Davenport\Updater\1.0\updater.exe
- %ProgramFiles%\Davenport\Updater\updater.exe
- %TEMP%\nsr3.tmp\md5dll.dll
- %TEMP%\nsr3.tmp\System.dll
- %TEMP%\nsm2.tmp
- <LS_APPDATA>\Software Refresher\icon.ico
- <LS_APPDATA>\Software Refresher\canvas.js
- <LS_APPDATA>\Software Refresher\report.js
- <LS_APPDATA>\Software Refresher\client_zone_id.js
- %TEMP%\nsr3.tmp\ns5.tmp
- %TEMP%\nsr3.tmp\ns4.tmp
- 'cd#####-a.akamaihd.net':80
- http://cd#####-a.akamaihd.net/tb/gz.php?ke################################################################
- DNS ASK cd#####-a.akamaihd.net