Modified By: Bren Matthew Ebriega

 

HEUR:Downloader.Win32.MulSetup.gen (KASPERSKY); Downloader.MulSetup (VBA32)

 PLATFORM:

Windows


  • Threat Type:
    Potentially Unwanted Application

  • Destructiveness:
    No

  • Encrypted:
    No

  • In the wild:
    Yes

  OVERVIEW

INFECTION CHANNEL: Downloaded from the Internet

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It connects to certain websites to send and receive information.

  TECHNICAL DETAILS

File size: 423,040 bytes
File type: EXE
Memory resident: No
INITIAL SAMPLES RECEIVED DATE: 13 April 2020
PAYLOAD: Connects to URLs/IPs, Displays windows

Arrival Details

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Installation

It drops the following files:

  • %User Temp%\multi_setup.log → contains download config chosen
  • %User Temp%\msetup\msetup.json → log containing program events

(Note: %User Temp% is the current user's Temp folder, which is usually C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000(32-bit), XP, and Server 2003(32-bit), or C:\Users\{user name}\AppData\Local\Temp on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).)

It creates the following folders:

  • %User Temp%\msetup
  • %User Temp%\msetup\icons


It adds the following mutexes to ensure that only one of its copies runs at any one time:

  • MulSetup

Download Routine

It accesses the following websites to download files:

  • https://api.{BLOCKED}p.pro/icons/icons.cab - %UserTemp%\msetup\5e8c8366-a94d4.cab (Icons)

This malware downloads the file from the following URL and renames it when storing it on the affected system:


It saves the files it downloads using the following names:

  • Default {Download Folder} is %User Profile%\Downloads\Downloads msetup
    • {Download Folder}\win-10-tweaker-pro.exe
    • {Download Folder}\multiboot.exe
    • {Download Folder}\libreoffice.exe
    • {Download Folder}\fps-monitor.exe
    • {Download Folder}\avg-pc-tuneup.exe
    • {Download Folder}\razer-cortex.exe
    • {Download Folder}\display-driver-uninstaller.exe
    • {Download Folder}\malwarebytes-anti-malware.exe
    • {Download Folder}\imgburn.exe
    • {Download Folder}\wise-care-365-pro.exe
    • {Download Folder}\foxitreader.exe
    • {Download Folder}\glary-utilities.exe
    • {Download Folder}\cpu-control.exe
    • {Download Folder}\driver-genius.exe
    • {Download Folder}\crystaldiskmark.exe
    • {Download Folder}\gpu-z.exe
    • {Download Folder}\testdisk.exe
    • {Download Folder}\core-temp.exe
    • {Download Folder}\eclipse.exe
    • {Download Folder}\openal.exe
    • {Download Folder}\far-manager.exe
    • {Download Folder}\hetman-partition-recovery.exe
    • {Download Folder}\cleanmypc.exe
    • {Download Folder}\calibre.exe
    • {Download Folder}\aomei-partition-assistant.exe
    • {Download Folder}\kerish-doctor.exe
    • {Download Folder}\mhdd.exe
    • {Download Folder}\stdu-viewer.exe
    • {Download Folder}\sublime-text.exe
    • {Download Folder}\fb2-reader.exe
    • {Download Folder}\hwmonitor.exe
    • {Download Folder}\activesync.exe
    • {Download Folder}\rivatuner.exe
    • {Download Folder}\hddscan.exe
    • {Download Folder}\iobit-malware-fighter.exe
    • {Download Folder}\eraser.exe
    • {Download Folder}\avg-antivirus.exe
    • {Download Folder}\avg-internet-security.exe
    • {Download Folder}\tenorshare-reiboot.exe
    • {Download Folder}\process-explorer.exe
    • {Download Folder}\firebird.exe
    • {Download Folder}\litemanager-pro.exe
    • {Download Folder}\unlocker.exe
    • {Download Folder}\uninstall-tool.exe
    • {Download Folder}\reg-organizer.exe
    • {Download Folder}\r-studio.exe
    • {Download Folder}\wintoflash.exe
    • {Download Folder}\winsetupfromusb.exe
    • {Download Folder}\easybcd.exe
    • {Download Folder}\autohotkey.exe
    • {Download Folder}\memtest.exe
    • {Download Folder}\parkcontrol-64bit.exe
    • {Download Folder}\dxcpl.exe
    • {Download Folder}\msvcpp-redist-full.exe
    • {Download Folder}\tweaknow-regcleaner

(Note: %User Profile% is the current user's profile folder, which is usually C:\Windows\Profiles\{user name} on Windows 98 and ME, C:\WINNT\Profiles\{user name} on Windows NT, C:\Documents and Settings\{user name} on Windows 2000(32-bit), XP, and Server 2003(32-bit), and C:\Users\{user name} on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).)

Other Details

It connects to the following website to send and receive information:

  • https://api.{BLOCKED}p.pro

It does the following:

  • Shows the following when executed:
    • Выбор программ → Program Selection
    • Рекомендации и подтверждение → Recommendations and confirmation
      • Pressing the button on the left downloads and installs Avast along with the chosen programs
    • Процессе загрузки → Boot process
      • Checking the checkboxes downloads and installs Yandex

  SOLUTION

Minimum scan engine: 9.850
SSAPI Pattern File: 2.277.00
SSAPI Pattern Release Date: April 16, 2020

Step 1

Before doing any scans, Windows ME and XP users must make sure that System Restore is disabled to allow full scanning of their computers.

Step 2

Note that not all files, folders, and registry keys and entries are installed on your computer during this malware's/spyware's/grayware's execution. This may be due to incomplete installation or other operating system conditions. If you do not find the same files/folders/registry information, please proceed to the next step.

Step 3

Search and delete these folders

Make sure the Search hidden files and folders checkbox is selected in the More advanced options option so that the search results include all hidden folders.
  • %User Temp%\msetup
  • %User Temp%\msetup\icons

Step 4

Search and delete this file

Some of the component files may be hidden. Make sure the Search hidden files and folders checkbox is selected in the More advanced options option so that the search results include all hidden files and folders.
  • %User Temp%\multi_setup.log
  • %User Temp%\msetup\msetup.json
  • %User Temp%\5e8c8366-a94d4.cab

Step 5

Scan your computer with your Trend Micro product to delete files detected as PUA.Win32.MulSetup.THA. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.

