Техническая информация
- %TEMP%\<Имя вируса>.exe
- %TEMP%\Cab6.tmp
- %TEMP%\Cab8.tmp
- %TEMP%\Cab4.tmp
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
- %TEMP%\Cab10.tmp
- %APPDATA%\PC MightyMax File Extension Repair\AgentID
- %TEMP%\CabE.tmp
- %TEMP%\CabA.tmp
- %TEMP%\CabC.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tracking[1].php
- %APPDATA%\IA-ID
- %TEMP%\nsr3.tmp\inetc.dll
- %TEMP%\nsp2.tmp
- %TEMP%\nsr3.tmp\NSISpcre.dll
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
- %TEMP%\<Имя вируса>.exe
- %TEMP%\PCMightyMaxExtFixInstaller.exe
- %TEMP%\InstallDotNet.exe
- %TEMP%\CabC.tmp
- %TEMP%\CabA.tmp
- %TEMP%\Cab10.tmp
- %TEMP%\CabE.tmp
- %TEMP%\Cab8.tmp
- %TEMP%\nsr3.tmp\NSISpcre.dll
- %TEMP%\nsr3.tmp\inetc.dll
- %TEMP%\Cab6.tmp
- %TEMP%\Cab4.tmp
- 'www.download.windowsupdate.com':80
- 'wp#d':80
- 'www.pc###htymax.net':80
- www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
- www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
- www.pc###htymax.net/fer/tracking.php?e=###########
- wp#d/wpad.dat
- DNS ASK wp#d
- DNS ASK www.download.windowsupdate.com
- DNS ASK www.pc###htymax.net
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''