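Техническая информация
(Заголовки разделов в этой копии не сохранились. Ниже по порядку перечислены: командная строка запуска, имя процесса, пути к файлам (два списка с одинаковым набором путей), адреса узлов с портом, HTTP-запросы, DNS-запросы и параметры окна. Символы «#» в именах узлов и запросах, по-видимому, заменяют скрытую часть значения; в строке ClassName значение '#32770' — стандартное имя класса диалогового окна Windows, там «#» является частью имени.)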
- '%TEMP%\nso2.tmp\clearn.exe' /s=123456 /pid=0C6EACA8-4253-43D0-A9A1-E2B07CCEA5A3 /fid=
- firefox.exe
- %TEMP%\nso2.tmp\ZipDLL.dll
- %TEMP%\nso2.tmp\ffex\ffwebex.xpi
- %TEMP%\lablog
- %TEMP%\nso2.tmp\clearn.exe
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nso2.tmp\nsProcess.dll
- %TEMP%\nso2.tmp\safed.dll
- %TEMP%\nso2.tmp\safet.dll
- %TEMP%\nso2.tmp\safet.dll
- %TEMP%\nso2.tmp\safed.dll
- %TEMP%\nso2.tmp\ZipDLL.dll
- %TEMP%\nso2.tmp\System.dll
- %TEMP%\nso2.tmp\clearn.exe
- %TEMP%\lablog
- %TEMP%\nso2.tmp\nsProcess.dll
- %TEMP%\nso2.tmp\ffex\ffwebex.xpi
- 'tr###.#edia-traffic.net':80
- 'al#####elivermore.com':80
- tr###.#edia-traffic.net/pin.gif?e=#########################################################################
- al#####elivermore.com/adn.php?s=###########
- DNS ASK tr###.#edia-traffic.net
- DNS ASK al#####elivermore.com
- ClassName: '#32770' WindowName: ''