Техническая информация
- '%TEMP%\rd.exe' /PID=707 /SUBPID=0 /NETWORKID=1 /DISTID=800 /CID=0 /PRODUCT_ID=715 /SERVER_URL=`omn7).`ar\&b^rp_qrepdfah,`il /CLICKID= /D1=NUMBER /D2=NUMBER /D3=NUMBER /D4=NUMBER /D5=NUMBER /PRODUCT_PRIVACY= /PRODUCT_EULA= /PRODUCT_NAME= /EXE_URL= /EXE_CMDLINE= /HOST_BROWSER=1 /THANKYOU_URL= /TIME=1405777612 /VM=2 /DS1= /IS_RUNTIME=true /RETURNING_USER_DAYS=2 /IS_DYNAMIC_ENCRYPTED=true
- '%TEMP%\alarmclock_setup.exe'
- '%TEMP%\cs.exe' -i -x
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\91398215497.txt bios get serialnumber
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003'
- %TEMP%\nsp2.tmp\nsisunz.dll
- %TEMP%\rd.zip
- %TEMP%\instructionsAVG3rs.exe
- %TEMP%\tmp4.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\nsp2.tmp\Convert.dll
- %APPDATA%\Diagnostics\Diagnostics.dll
- %TEMP%\cs.exe
- %APPDATA%\Diagnostics\ie9lib.dll
- %TEMP%\instructionsAVG3rs.dat
- %TEMP%\alarmclock_setup.exe
- %TEMP%\rd.zip
- %TEMP%\tmp3.tmp
- %TEMP%\instructionsAVG3rs.dat
- %APPDATA%\Diagnostics\ie9lib.dll
- %TEMP%\cs.exe
- %TEMP%\instructionsAVG3rs.exe в %TEMP%\rd.exe
- '31.##1.24.121':80
- 31.##1.24.121/s?id###########################################################################################################################################################################################################################