Техническая информация
- '%TEMP%\~nsu.tmp\Au_.exe' _?=%TEMP%\
- '%TEMP%\uninst.exe'
- '<SYSTEM32>\wscript.exe' %TEMP%\load.vbs
- '<SYSTEM32>\regsvr32.exe' /s "%WINDIR%\AutoItX3.dll"
- %TEMP%\temp.ini
- %TEMP%\uninst.exe
- %TEMP%\~nsu.tmp\Au_.exe
- %PROGRAM_FILES%\Internet Explorer\ie.amico
- %TEMP%\nsd2.tmp\InetLoad.dll
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\uninst.exe
- %TEMP%\temp.ini
- %TEMP%\nsd2.tmp\InetLoad.dll
- %TEMP%\nsd2.tmp\System.dll
- 'cp######.load-code.meibu.com':8080
- DNS ASK cp######.load-code.meibu.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'