Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NaviSearch' = '%PROGRAM_FILES%\NaviSearch\bin\nls.exe'
- %PROGRAM_FILES%\NaviSearch\bin\nls.exe
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\nvms.dll
- <SYSTEM32>\nvms.dll
- %PROGRAM_FILES%\NaviSearch\ad.dat
- %PROGRAM_FILES%\NaviSearch\nls_config.dat
- %PROGRAM_FILES%\NaviSearch\t1309779121.dec
- %PROGRAM_FILES%\NaviSearch\Uninstall.exe
- %PROGRAM_FILES%\NaviSearch\bin\nls.exe
- %HOMEPATH%\Start Menu\Programs\NaviSearch\Uninstall Instructions.lnk
- %TEMP%\nsd2.tmp
- %PROGRAM_FILES%\NaviSearch\nvms.dll
- %PROGRAM_FILES%\NaviSearch\ad-nls.dat
- %PROGRAM_FILES%\NaviSearch\nls.exe
- %PROGRAM_FILES%\NaviSearch\ad-nls.dat
- %PROGRAM_FILES%\NaviSearch\t1309779121.dec
- %PROGRAM_FILES%\NaviSearch\nvms.dll
- %PROGRAM_FILES%\NaviSearch\nls.exe
- 'se#####.bargain-buddy.net':80
- se#####.bargain-buddy.net/scripts/adpopper/webservice.main?ve################################################################################################
- DNS ASK se#####.bargain-buddy.net
- ClassName: 'nls_wnd_class' WindowName: 'nls module'