Техническая информация
- %WINDIR%\Tasks\{7C8B6E15-9FBF-40AA-A081-D8CF1FACD484}.job
- %WINDIR%\Tasks\{7705D7EF-8EAC-4133-BE4F-8FE216120013}.job
- '%TEMP%\<Имя вируса>.exe' (загружен из сети Интернет)
- '%TEMP%\<Имя вируса>.exe' /ver 1.1.5.26 e /fi {F7431857-65AF-4D54-B43A-17FE108584CD}.txt
- ClassName: '' WindowName: 'VBoxTrayToolWnd'
- ClassName: 'VBoxTrayToolWndClass' WindowName: ''
- %TEMP%\nsb3.tmp\NSIS_TaskScheduler.dll
- %TEMP%\<Имя вируса>.exe
- %TEMP%\nsb3.tmp\inetc.dll
- <Текущая директория>\StubInstallerCleanUp.bat
- %TEMP%\nsb3.tmp\md5dll.dll
- %TEMP%\taskSched.txt
- %TEMP%\nsb3.tmp\System.dll
- %TEMP%\nsb3.tmp\amisid.exe
- %TEMP%\nsb2.tmp
- %TEMP%\nsb3.tmp\nsisos.dll
- %TEMP%\nsb3.tmp\NSIS_AntiVmFraud.dll
- %TEMP%\nsb3.tmp\registry.dll
- %TEMP%\nsb3.tmp\NSIS_TaskScheduler.dll
- %TEMP%\nsb3.tmp\NSIS_AntiVmFraud.dll
- %TEMP%\nsb3.tmp\System.dll
- %TEMP%\nsb3.tmp\registry.dll
- %TEMP%\nsb3.tmp\nsisos.dll
- %TEMP%\nsb3.tmp\amisid.exe
- %WINDIR%\Tasks\{7705D7EF-8EAC-4133-BE4F-8FE216120013}.job
- %TEMP%\nsb3.tmp\md5dll.dll
- %TEMP%\nsb3.tmp\inetc.dll
- %TEMP%\nsb3.tmp\NSIS_TaskScheduler.dll
- 'www.eg###dx.tech':80
- http://www.eg###dx.tech/info.php?id######################################
- DNS ASK www.eg###dx.tech