Техническая информация
- %APPDATA%\temp\WinPro_DOWNMEMORY.exe
- %APPDATA%\temp\winpro1.exe
- %WINDIR%\explorer.exe
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\temp\winpro1.exe_del.bat" "
- <SYSTEM32>\cmd.exe /c ""<Полный путь к вирусу>_del.bat" "
- %WINDIR%\explorer.exe
- %APPDATA%\temp\winpro1.exe_del.bat
- %TEMP%\nsn6.tmp\nsSelfDel.dll
- %TEMP%\nsn6.tmp\nsCommands3.dll
- %TEMP%\nsr8.tmp\SelfDel.dll
- %TEMP%\nsr8.tmp\NSISdl.dll
- %TEMP%\nsr8.tmp\UAC.dll
- %APPDATA%\temp\WinPro_DOWNMEMORY.exe
- %TEMP%\nss3.tmp\nsCommands3.dll
- %APPDATA%\temp\winpro1.exe
- %TEMP%\nsc2.tmp
- %TEMP%\nsc5.tmp
- <Полный путь к вирусу>_del.bat
- %TEMP%\nss3.tmp\nsSelfDel.dll
- %TEMP%\nsr8.tmp\SelfDel.dll
- %TEMP%\nsr8.tmp\NSISdl.dll
- %APPDATA%\temp\WinPro_DOWNMEMORY.exe
- %TEMP%\nsr8.tmp\UAC.dll
- %APPDATA%\temp\winpro1.exe
- %TEMP%\nss3.tmp\nsSelfDel.dll
- %TEMP%\nss3.tmp\nsCommands3.dll
- %TEMP%\nsn6.tmp\nsSelfDel.dll
- %TEMP%\nsn6.tmp\nsCommands3.dll
- DNS ASK fi##.#ideon.co.kr