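Техническая информация
Примечание: в этой копии отчёта отсутствуют подзаголовки разделов, поэтому назначение каждого списка ниже не указано. Один и тот же набор путей в %TEMP% приведён дважды (возможно, как создаваемые и затем удаляемые файлы — по тексту это не подтверждается). Символы «#» в именах хостов и параметрах запросов, по-видимому, скрывают часть исходных значений, поэтому эти строки нельзя использовать как точные индикаторы.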
- '%TEMP%\nsg2.tmp\clearn.exe' /s=123456 /pid=8FFACAD2-DDEE-4542-88B3-496C3280E4C8 /fid=en
- firefox.exe
- %TEMP%\nsg2.tmp\ZipDLL.dll
- %TEMP%\nsg2.tmp\ffex\ffwebex.xpi
- %TEMP%\pixgi
- %TEMP%\nsg2.tmp\clearn.exe
- %TEMP%\nsg2.tmp\System.dll
- %TEMP%\nsg2.tmp\nsProcess.dll
- %TEMP%\nsg2.tmp\safed.dll
- %TEMP%\nsg2.tmp\safet.dll
- %TEMP%\nsg2.tmp\safet.dll
- %TEMP%\nsg2.tmp\safed.dll
- %TEMP%\nsg2.tmp\ZipDLL.dll
- %TEMP%\nsg2.tmp\System.dll
- %TEMP%\nsg2.tmp\clearn.exe
- %TEMP%\pixgi
- %TEMP%\nsg2.tmp\nsProcess.dll
- %TEMP%\nsg2.tmp\ffex\ffwebex.xpi
- 'tr###.#edia-traffic.net':80
- 'al#####elivermore.com':80
- tr###.#edia-traffic.net/pin.gif?e=###############################################################
- al#####elivermore.com/adn.php?s=###########
- DNS ASK tr###.#edia-traffic.net
- DNS ASK al#####elivermore.com
- ClassName: '#32770' WindowName: ''