Техническая информация
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearchinst.exe start
- <SYSTEM32>\cmd.exe /c "%PROGRAM_FILES%\TheFreeCoupon\unst.bat"
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearchfdl.exe
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearchdl.exe
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearch.exe
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearchfdl.ini
- %PROGRAM_FILES%\TheFreeCoupon\unst.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\execute[1].php
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearchinst.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\15.tmp
- %TEMP%\$inst\2.tmp
- <SYSTEM32>\INETKO.DLL
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearch.dll
- <SYSTEM32>\VB6KO.DLL
- <SYSTEM32>\MSINET.OCX
- %TEMP%\$inst\15.tmp
- %PROGRAM_FILES%\TheFreeCoupon\dreamsearchinst.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- '12#.#8.93.28':80
- 'localhost':1035
- 12#.#8.93.28/~paran/execute.php?m_################################################################
- ClassName: 'Shell_TrayWnd' WindowName: ''