Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'gidle' = '""%TEMP%\gtalk.exe""' (параметр в ключе автозапуска Run: указанный файл запускается при входе пользователя в систему)
- "%TEMP%\out.exe" (загружен из сети Интернет)
- %TEMP%\nsl5.tmp\dxvataskbar.bmp
- %TEMP%\nsl5.tmp\splash.bmp
- %TEMP%\nsl5.tmp\dxva.ini
- %TEMP%\nsl5.tmp\atilogo.bmp
- %TEMP%\nsl5.tmp\custompage.ini
- %TEMP%\nsl5.tmp\modern-header.bmp
- %TEMP%\nsl5.tmp\AdvSplash.dll
- %TEMP%\out.exe
- %TEMP%\gtalk.exe
- %TEMP%\nsp3.tmp\NSISdl.dll
- %TEMP%\nsp2.tmp
- %TEMP%\CoreAVC 2.5.5 Professional Edition-Setup.exe
- %TEMP%\nsl5.tmp\cudalogo.bmp
- %TEMP%\nsl5.tmp\cudataskbar.bmp
- %TEMP%\nsl5.tmp\serial.ini
- %TEMP%\nsl5.tmp\cuda.ini
- %TEMP%\nsp3.tmp\NSISdl.dll
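- 'dl.##opbox.com':80 (часть имени узла, по-видимому, заменена символами «##»; в таком виде запись не является полным сетевым индикатором)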
- dl.##opbox.com/u/37944645/out.exe
- DNS ASK dl.##opbox.com
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''