Техническая информация
- '<Текущая директория>\2.jpg'
- '<SYSTEM32>\ntvdm.exe' -f -i1
- %TEMP%\nss3.tmp\down.png
- %TEMP%\nss3.tmp\finish.png
- %TEMP%\nss3.tmp\go.png
- %TEMP%\nss3.tmp\delete.png
- %TEMP%\nss3.tmp\cancel2.png
- %TEMP%\nss3.tmp\change.png
- %TEMP%\nss3.tmp\check-box.png
- %TEMP%\nss3.tmp\go2.png
- %TEMP%\nss3.tmp\jindutiao.png
- %TEMP%\nss3.tmp\logo.png
- %TEMP%\nss3.tmp\up.png
- %TEMP%\nss3.tmp\jieya_button2.png
- %TEMP%\nss3.tmp\img_01.png
- %TEMP%\nss3.tmp\input_01.png
- %TEMP%\nss3.tmp\jieya_button.png
- %TEMP%\nss3.tmp\cancel.png
- %WINDIR%\Temp\scs4.tmp
- %WINDIR%\Temp\scs5.tmp
- %TEMP%\nss3.tmp\PageIo.ini
- %TEMP%\nss3.tmp\NSISdl.dll
- <Текущая директория>\2.jpg
- %WINDIR%\УгУгУ°Тф_58_4347.exe
- %TEMP%\nsm2.tmp
- %TEMP%\nss3.tmp\KillProcDLL.dll
- %TEMP%\nss3.tmp\go.html
- %TEMP%\nss3.tmp\bg.png
- %TEMP%\nss3.tmp\bg_02.png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\yuyut[1].php
- %TEMP%\nss3.tmp\DialogEx.dll
- %TEMP%\nss3.tmp\System.dll
- %TEMP%\nss3.tmp\Inetc.dll
- %WINDIR%\Temp\scs5.tmp
- %WINDIR%\Temp\scs4.tmp
- 'to###i.yuyu.com':80
- 'do####ad.yuyu.com':80
- to###i.yuyu.com/yuyut.php
- do####ad.yuyu.com/0507/setup.html
- DNS ASK to###i.yuyu.com
- DNS ASK do####ad.yuyu.com
- ClassName: '#32770' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-a78.a7c.380001'