Техническая информация
Записи автозапуска в реестре (ветка Run, действует для всех пользователей системы):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GoogleInstaller' = '<SYSTEM32>\Win32Cf.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'UpdateMachine' = '%WINDIR%\AVupdate.exe'
Команды reg.exe, добавляющие значения GoogleInstaller и UpdateMachine в ветку Run (ключ /f — перезапись без подтверждения):
- <SYSTEM32>\reg.exe add hklm\software\microsoft\windows\currentversion\run /v GoogleInstaller /t reg_sz /d <SYSTEM32>\Win32Cf.exe /f
- <SYSTEM32>\reg.exe add hklm\software\microsoft\windows\currentversion\run /v UpdateMachine /t reg_sz /d %WINDIR%\AVupdate.exe /f
Файлы, на которые указывают записи автозапуска:
- <SYSTEM32>\Win32Cf.exe
- %WINDIR%\AVupdate.exe
Сетевая активность (часть имени домена в описании заменена символами ###):
- 'www.fr###ebs.com':80
- 'localhost':1036
- www.fr###ebs.com/polluelito/iframe.html
- DNS ASK www.fr###ebs.com
Классы окон (поле WindowName пустое):
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''