Техническая информация
- '%TEMP%\ct3295790\ism.exe' -ctid=CT3295790
- '%TEMP%\nsf5.tmp\ns6.tmp' "%TEMP%\ct3295790\ism.exe" -ctid=CT3295790
- '%TEMP%\nsq3.tmp\mism.exe' -ctid=CT3295790
- '%TEMP%\ct3295790\ism.exe' (загружен из сети Интернет)
- %TEMP%\nsf5.tmp\nsExec.dll
- %TEMP%\ct3295790\ism.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ism[1].exe
- %TEMP%\nsq3.tmp\System.dll
- %TEMP%\nsq3.tmp\nsDialogs.dll
- %TEMP%\nsf5.tmp\ns6.tmp
- C:\END
- %TEMP%\nsq3.tmp\mism.exe
- %TEMP%\nsq3.tmp\modern-wizard.bmp
- %TEMP%\nsl2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\usage[1].htm
- %TEMP%\nsf5.tmp\InetC.dll
- %TEMP%\nsf5.tmp\System.dll
- %TEMP%\nsf5.tmp\nsExec.dll
- %TEMP%\nsf5.tmp\System.dll
- %TEMP%\nsf5.tmp\ns6.tmp
- %TEMP%\nsf5.tmp\InetC.dll
- 'st####e.conduit.com':80
- 'is######e.conduit-data.com':80
- st####e.conduit.com/ps/conduitinstaller/ism.exe
- is######e.conduit-data.com/usage.ashx
- DNS ASK st####e.conduit.com
- DNS ASK is######e.conduit-data.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'