Техническая информация
- C:\divxh264decoder820.exe
- "%TEMP%\imvdlc.exe" (загружен из сети Интернет)
- <SYSTEM32>\at.exe 19:45 /every:T,Th,F,Su ""%WINDIR%\rndbs.exe""
- <SYSTEM32>\at.exe 19:45 /every:T,Th,F,Su ""%WINDIR%\pstc.exe""
- <SYSTEM32>\at.exe 19:33 /every:T,Th,F,Su ""%WINDIR%\crstk.exe""
- <SYSTEM32>\at.exe 19:37 /every:T,Th,F,Su ""%WINDIR%\iopc.exe""
- %TEMP%\nst3.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\download[1].php
- %TEMP%\nst3.tmp\ns6.tmp
- %TEMP%\nst3.tmp\ns7.tmp
- %TEMP%\is-KOLVM.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-KOLVM.tmp\_isetup\_shfoldr.dll
- %TEMP%\imvdlc.exe
- %TEMP%\is-I3GUT.tmp\divxh264decoder820.tmp
- %TEMP%\nst3.tmp\ns5.tmp
- %WINDIR%\crstk.exe
- %WINDIR%\iopc.exe
- %TEMP%\nsy2.tmp
- C:\divxh264decoder820.exe
- %TEMP%\nst3.tmp\nsExec.dll
- %TEMP%\nst3.tmp\ns4.tmp
- %WINDIR%\rndbs.exe
- %WINDIR%\pstc.exe
- %WINDIR%\rndbs.exe
- %WINDIR%\pstc.exe
- %WINDIR%\iopc.exe
- C:\divxh264decoder820.exe
- %WINDIR%\crstk.exe
- %TEMP%\nst3.tmp\ns6.tmp
- %TEMP%\nst3.tmp\ns7.tmp
- %TEMP%\nst3.tmp\ns4.tmp
- %TEMP%\nst3.tmp\ns5.tmp
- 'www.nt###one.com':80
- www.nt###one.com/download.php?k3######
- DNS ASK www.nt###one.com
- ClassName: 'Shell_TrayWnd' WindowName: ''