PUA.Win32.MulSetup.THA
HEUR:Downloader.Win32.MulSetup.gen (KASPERSKY); Downloader.MulSetup (VBA32)
Windows
Threat type:
Potentially Unwanted Application
Destructive?:
No
Encrypted?:
No
In the wild:
Yes
Overview and description
It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It connects to certain websites to send and receive information.
Technical details
Arrival details
It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Installation
It drops the following files:
- %User Temp%\multi_setup.log → contains download config chosen
- %User Temp%\msetup\msetup.json → log containing program events
(Note: %User Temp% is the current user's Temp folder, which is usually C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000(32-bit), XP, and Server 2003(32-bit), and C:\Users\{user name}\AppData\Local\Temp on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).)
It creates the following folders:
- %User Temp%\msetup
- %User Temp%\msetup\icons
It adds the following mutexes to ensure that only one of its copies runs at any time:
- MulSetup
Download routine
It accesses the following websites to download files:
- https://api.{BLOCKED}p.pro/icons/icons.cab - %UserTemp%\msetup\5e8c8366-a94d4.cab (Icons)
This malware downloads the file from the following URL and renames it when storing it on the affected system:
It saves the files it downloads under the following names:
- Default {Download Folder} is %User Profile%\Downloads\Downloads msetup
(Note: %User Profile% is the current user's profile folder, which is usually C:\Windows\Profiles\{user name} on Windows 98 and ME, C:\WINNT\Profiles\{user name} on Windows NT, C:\Documents and Settings\{user name} on Windows 2000(32-bit), XP, and Server 2003(32-bit), and C:\Users\{user name} on Windows Vista, 7, 8, 8.1, 2008(64-bit), 2012(64-bit) and 10(64-bit).)
Other details
It connects to the following website to send and receive information:
- https://api.{BLOCKED}p.pro
It does the following:
- Shows the following when executed:
- Выбор программ → Program Selection
- Рекомендации и подтверждение → Recommendations and confirmation
- Pressing the button on the left downloads and installs Avast with the chosen programs
- Процессе загрузки → Boot process
- Checking the checkboxes downloads and installs Yandex
- Выбор программ → Program Selection
Solutions
Step 1
Windows ME and XP users must make sure that System Restore is disabled before running any scan, to allow a full scan of the computer.
Step 2
Note that not all files, folders, and registry keys and entries are installed on your computer during this malware's/spyware's/grayware's execution. This may be due to incomplete installation or other operating system conditions. If you do not find the same files/folders/registry information, please proceed to the next step.
Step 3
Search for and delete these folders
- %User Temp%\msetup
- %User Temp%\msetup\icons
Step 4
Search for and delete these files
- %User Temp%\multi_setup.log
- %User Temp%\msetup\msetup.json
- %User Temp%\5e8c8366-a94d4.cab
Step 5
Scan your computer with your Trend Micro product to delete files detected as PUA.Win32.MulSetup.THA. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further steps are required. You may opt to simply delete the quarantined files. See this Knowledge Base page for more information.