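Техническая информация
Подзаголовки разделов в этом тексте не сохранились; по порядку идут: запись автозапуска в ветке Run реестра, пути к файлам в %WINDIR% и %TEMP% (повторяющиеся строки, вероятно, относятся к разным разделам исходного отчёта), URL-адреса и DNS-запросы, затем пути в кавычках — по-видимому, запускаемые процессы. Символы # в адресах заменяют часть доменного имени, поэтому для точного сопоставления по доменам эти строки непригодны.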
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'lmu' = '%WINDIR%\LMU.exe'
- %WINDIR%\syswow64\tvm_b537.exe
- %TEMP%\i19b7.tmp
- %WINDIR%\syswow64\instafinder_inst.exe
- %TEMP%\nsl2710.tmp
- %TEMP%\nsb2721.tmp\nsisdl.dll
- %WINDIR%\syswow64\megasearchbarsetup.exe
- %TEMP%\nsm3209.tmp
- %TEMP%\nsb3219.tmp\nsisdl.dll
- %WINDIR%\lmu.exe
- %TEMP%\nsb3219.tmp\nsisdl.dll
- %TEMP%\nsb2721.tmp\nsisdl.dll
- http://www.to####elocity.com/Bundling/TvmUpdater4bp5.exe?ve#######################################
- http://www.in##ort.com/post.asp
- DNS ASK to####elocity.com
- DNS ASK in###finder.com
- DNS ASK me####archbar.com
- DNS ASK we###tinfo.net
- DNS ASK sr##ate.com
- DNS ASK in##ort.com
- DNS ASK da###port.com
- '%WINDIR%\syswow64\tvm_b537.exe'
- '%TEMP%\i19b7.tmp' 381
- '%WINDIR%\syswow64\instafinder_inst.exe'
- '%WINDIR%\syswow64\megasearchbarsetup.exe'
- '%WINDIR%\lmu.exe'