Техническая информация
- %WINDIR%\Tasks\Updater.job
- %TEMP%\nso4.tmp\ns5.tmp schtasks /create /sc minute /mo 60 /tn "Updater" /tr "\"%APPDATA%\Update\seupd.exe\"" /ru "System"
- %APPDATA%\Update\seupd.exe
- <SYSTEM32>\schtasks.exe /create /sc minute /mo 60 /tn "Updater" /tr "\"%APPDATA%\Update\seupd.exe\"" /ru "System"
- %TEMP%\aaaa.txt
- %TEMP%\nso4.tmp\NSISdl.dll
- %TEMP%\nso4.tmp\ns5.tmp
- %TEMP%\nso4.tmp\nsExec.dll
- C:\google_search.xml
- %APPDATA%\Update\seupd.exe
- %TEMP%\nsy3.tmp\registry.dll
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- %TEMP%\nso4.tmp\nsExec.dll
- %TEMP%\nso4.tmp\NSISdl.dll
- %TEMP%\nsy3.tmp\registry.dll
- %TEMP%\nso4.tmp\ns5.tmp
- 'www.li###nfopro.com':80
- www.li###nfopro.com/reg
- DNS ASK www.li###nfopro.com