Техническая информация
- '%TEMP%\Patch.exe'
- '%TEMP%\4.tmp' <Текущая директория>
- '%TEMP%\setupv.exe'
- '%TEMP%\7za.exe' x %TEMP%\a2.7z -aoa -o%HOMEPATH%\Local Settings\Temp -pmilfsex
- '%TEMP%\7za.exe' x %TEMP%\a1.7z -aoa -o%HOMEPATH%\Local Settings\Temp -pmilfsex
- '%TEMP%\zzxx.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\tmpfile0.bat""
- <SYSTEM32>\ieframe.dll
- %TEMP%\nsz6.tmp
- %TEMP%\tmpfile0.bat
- %TEMP%\tmpurl.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\watchfreemoviesnow[1]
- %TEMP%\RGI8.tmp
- %TEMP%\setupv.exe
- %TEMP%\4.tmp
- %TEMP%\a1.7z
- %TEMP%\7za.exe
- %TEMP%\nsc2.tmp
- %TEMP%\a2.7z
- %TEMP%\zzxx.exe
- %TEMP%\Patch.exe
- %TEMP%\nsq3.tmp\ExecDos.dll
- %TEMP%\tmpurl.txt
- %TEMP%\RGI8.tmp
- %TEMP%\nsq3.tmp\ExecDos.dll
- 'wa#####eemoviesnow.info':80
- 'localhost':1038
- wa#####eemoviesnow.info/?p=##
- DNS ASK wa#####eemoviesnow.info
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'File Download - Security Warning'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Button' WindowName: 'OK'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'