Техническая информация
- '%TEMP%\nst3.tmp\ef.exe' "%TEMP%\nst3.tmp\inetc.dll" -1103
- '%TEMP%\nst3.tmp\pp.exe' /pid=1103
- '%TEMP%\nst3.tmp\ns5.tmp' %TEMP%\nst3.tmp\ef.exe "%TEMP%\nst3.tmp\inetc.dll" -1103
- '%TEMP%\nst3.tmp\ns4.tmp' %TEMP%\nst3.tmp\mf.exe "%TEMP%\nst3.tmp\inetc.dll"
- '%TEMP%\nst3.tmp\mf.exe' "%TEMP%\nst3.tmp\inetc.dll"
- '%TEMP%\nst3.tmp\pp.exe' (загружен из сети Интернет)
- %TEMP%\nst3.tmp\inetc.dll.out
- %TEMP%\nst3.tmp\ns4.tmp
- %TEMP%\nst3.tmp\ef.exe
- %TEMP%\nst3.tmp\pp.exe
- %TEMP%\nst3.tmp\ns5.tmp
- %TEMP%\nst3.tmp\nsExec.dll
- %TEMP%\nst3.tmp\System.dll
- %TEMP%\nse2.tmp
- %TEMP%\nst3.tmp\mf.exe
- %TEMP%\nst3.tmp\inetc.dll.out1
- %TEMP%\nst3.tmp\inetc.dll.out0
- %TEMP%\nst3.tmp\inetc.dll.out1
- %TEMP%\nst3.tmp\inetc.dll.out0
- %TEMP%\nst3.tmp\nsExec.dll
- %TEMP%\nst3.tmp\System.dll
- %TEMP%\nst3.tmp\pp.exe
- %TEMP%\nst3.tmp\mf.exe
- %TEMP%\nst3.tmp\ns4.tmp
- %TEMP%\nst3.tmp\ns5.tmp
- %TEMP%\nst3.tmp\ef.exe
- %TEMP%\nst3.tmp\inetc.dll
- %TEMP%\nst3.tmp\inetc.dll.out в %TEMP%\nst3.tmp\inetc.dll
- 'www.wi###weak.com':80
- www.wi###weak.com/downloads/pp.exe?s=####
- DNS ASK www.wi###weak.com
- ClassName: 'Shell_TrayWnd' WindowName: ''