Техническая информация
- '%TEMP%\nsu3.tmp\ef.exe' "%TEMP%\nsu3.tmp\inetc.dll" -929
- '%TEMP%\nsu3.tmp\pp.exe' /pid=929
- '%TEMP%\nsu3.tmp\ns5.tmp' %TEMP%\nsu3.tmp\ef.exe "%TEMP%\nsu3.tmp\inetc.dll" -929
- '%TEMP%\nsu3.tmp\ns4.tmp' %TEMP%\nsu3.tmp\mf.exe "%TEMP%\nsu3.tmp\inetc.dll"
- '%TEMP%\nsu3.tmp\mf.exe' "%TEMP%\nsu3.tmp\inetc.dll"
- '%TEMP%\nsu3.tmp\pp.exe' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pp[1]
- %TEMP%\nso2.tmp
- %TEMP%\nsu3.tmp\inetc.dll.out в %TEMP%\nsu3.tmp\inetc.dll
- 'www.qu####ownloads.info':80
- www.qu####ownloads.info/downloads/pp.exe?s=###
- DNS ASK www.qu####ownloads.info
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'