Техническая информация
- '%TEMP%\nsk3.tmp\ef.exe' "%TEMP%\nsk3.tmp\inetc.dll" -1138
- '%TEMP%\nsk3.tmp\pp.exe' /pid=1138
- '%TEMP%\nsk3.tmp\ns5.tmp' %TEMP%\nsk3.tmp\ef.exe "%TEMP%\nsk3.tmp\inetc.dll" -1138
- '%TEMP%\nsk3.tmp\ns4.tmp' %TEMP%\nsk3.tmp\mf.exe "%TEMP%\nsk3.tmp\inetc.dll"
- '%TEMP%\nsk3.tmp\mf.exe' "%TEMP%\nsk3.tmp\inetc.dll"
- '%TEMP%\nsk3.tmp\pp.exe' (загружен из сети Интернет)
- %TEMP%\nsk3.tmp\inetc.dll.out
- %TEMP%\nsk3.tmp\ns4.tmp
- %TEMP%\nsk3.tmp\ef.exe
- %TEMP%\nsk3.tmp\pp.exe
- %TEMP%\nsk3.tmp\ns5.tmp
- %TEMP%\nsk3.tmp\nsExec.dll
- %TEMP%\nsk3.tmp\System.dll
- %TEMP%\nsk2.tmp
- %TEMP%\nsk3.tmp\mf.exe
- %TEMP%\nsk3.tmp\inetc.dll.out1
- %TEMP%\nsk3.tmp\inetc.dll.out0
- %TEMP%\nsk3.tmp\inetc.dll.out1
- %TEMP%\nsk3.tmp\inetc.dll.out0
- %TEMP%\nsk3.tmp\nsExec.dll
- %TEMP%\nsk3.tmp\System.dll
- %TEMP%\nsk3.tmp\pp.exe
- %TEMP%\nsk3.tmp\mf.exe
- %TEMP%\nsk3.tmp\ns4.tmp
- %TEMP%\nsk3.tmp\ns5.tmp
- %TEMP%\nsk3.tmp\ef.exe
- %TEMP%\nsk3.tmp\inetc.dll
- %TEMP%\nsk3.tmp\inetc.dll.out в %TEMP%\nsk3.tmp\inetc.dll
- 'www.wi###weak.com':80
- www.wi###weak.com/downloads/pp.exe?s=####
- DNS ASK www.wi###weak.com
- ClassName: 'Shell_TrayWnd' WindowName: ''