Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Update' = '%APPDATA%\hostService.exe'
- '%APPDATA%\stub1.exe'
- '%APPDATA%\hostService.exe'
- '%TEMP%\nsk2.tmp\ns3.tmp' "%APPDATA%\7za.exe" e -pgipsy 1.7z
- '%APPDATA%\7za.exe' e -pgipsy 1.7z
- '<SYSTEM32>\ping.exe' 1.1.1.1 -n 1 -w 30000
- '<SYSTEM32>\cmd.exe' /c "%APPDATA%\die.bat"
- %APPDATA%\hostService.exe
- %APPDATA%\stub1.exe
- %APPDATA%\die.bat
- %APPDATA%\dat.dat
- %APPDATA%\1.7z
- %APPDATA%\7za.exe
- %TEMP%\nsk2.tmp\ns3.tmp
- %TEMP%\nsk2.tmp\nsExec.dll
- %TEMP%\~DFE05C.tmp
- %APPDATA%\hostService.exe
- %TEMP%\nsk2.tmp\ns3.tmp
- %TEMP%\nsk2.tmp\nsExec.dll
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'