Техническая информация
- '%TEMP%\stub.exe'
- '%TEMP%\stub.exe' (загружен из сети Интернет)
- %TEMP%\activation_key
- %TEMP%\nsz3.tmp\NSISdl.dll
- %TEMP%\stub.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tbt1000[1].exe
- %TEMP%\nsz3.tmp\System.dll
- %TEMP%\nsk2.tmp
- <SYSTEM32>\srceqvxukwgkuk.dll-uninst.exe
- <SYSTEM32>\srceqvxukwgkuk.dll
- %TEMP%\nsz3.tmp\System.dll
- %TEMP%\nsz3.tmp\NSISdl.dll
- %TEMP%\activation_key
- '85.##.157.141':80
- 'localhost':1038
- 'my####search.com':80
- 85.##.157.141/updates/tbt1000.exe
- my####search.com/nsi.php?af######################
- DNS ASK my####search.com
- ClassName: '#32770' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'