Техническая информация
- '%TEMP%\nsy5.tmp\BundleSweetIMSetup.exe' -silent -SIMSDMURL=http://cd#.####load.sweetpacks.com/simsdm/conduit/bundle/bundlesweetimsetup.exe -SIMRB=ZakoSulotionsC -SIMTP="pid=767&cmpid=39452&plcmtid=553832&cveid=1361938" -Cargo=cid132 -SubChannel=CT3310511 -ConAsto
- '%TEMP%\nsm2.tmp\runme.exe'
- '%TEMP%\nsy5.tmp\BundleSweetIMSetup.exe' (загружен из сети Интернет)
- %TEMP%\nsy5.tmp\System.dll
- %PROGRAM_FILES%\YUVIDEO\Uninstall.exe
- %TEMP%\nsy5.tmp\BundleSweetIMSetup.exe
- %TEMP%\nsm2.tmp\test.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install_perion[1].php
- %TEMP%\nsm2.tmp\inetc.dll
- %TEMP%\nsm2.tmp\devxexec.exe
- %TEMP%\nsm2.tmp\runme.exe
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsy5.tmp\NSISdl.dll
- %TEMP%\nss4.tmp
- C:\temp\user\process.cmd
- %TEMP%\nsm2.tmp\runme.exe
- %TEMP%\nsm2.tmp\inetc.dll
- %TEMP%\nsm2.tmp\test.txt
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsm2.tmp\devxexec.exe
- %TEMP%\nsy5.tmp\NSISdl.dll
- %TEMP%\nsy5.tmp\BundleSweetIMSetup.exe
- C:\temp\user\process.cmd
- %TEMP%\nsy5.tmp\System.dll
- 'www.ch##zum.com':80
- 'cd#.####load.sweetpacks.com':80
- www.ch##zum.com/report/install_perion.php?us#######
- cd#.####load.sweetpacks.com/simsdm/bing/Agent/BundleSweetIMSetup.exe
- DNS ASK www.ch##zum.com
- DNS ASK cd#.####load.sweetpacks.com