Техническая информация
- '%TEMP%\d70KLrQfgdEMhtVoyEiV7.exe'
- '%TEMP%\server.exe'
- '%TEMP%\ccleaner.exe'
- '%TEMP%\d70KLrQfgdEMhtVoyEiV7.exe' (загружен из сети Интернет)
- %TEMP%\nsg3.tmp\modern-header.bmp
- %TEMP%\nsg3.tmp\g\pfWWW.dll
- %TEMP%\nsg3.tmp\g\gcombo\combo-offer.png
- %TEMP%\nsg3.tmp\modern-wizard.bmp
- %TEMP%\d70KLrQfgdEMhtVoyEiV7.exe
- %TEMP%\nsg3.tmp\nsDialogs.dll
- %TEMP%\nsg3.tmp\ButtonEvent.dll
- %TEMP%\nsg3.tmp\g\gcombo\ComboOffer.html
- %TEMP%\nsg2.tmp
- %TEMP%\server.exe
- %TEMP%\ccleaner.exe
- %TEMP%\nsg3.tmp\System.dll
- %TEMP%\nsg3.tmp\g\gcapi_dll.dll
- %TEMP%\nsg3.tmp\g\gtapi_signed.dll
- %TEMP%\nsg3.tmp\UserInfo.dll
- 'rg##st.net':80
- 'wp#d':80
- rg##st.net/download/57593758/e12b7b962a62def9334e25f0ad4543a74c2ac98e/222222222.exe
- wp#d/wpad.dat
- DNS ASK rg##st.net
- DNS ASK wp#d
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''