Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '{e7f101e1-3167-bf1a-29ac-a987dd67b8c2}' = '<SYSTEM32>\Rundll32.exe "<SYSTEM32>\{e69113e2-1313-d8c2-4470-5d6478798841}.dll" DllStart'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\{e69113e2-1313-d8c2-4470-5d6478798841}.dll" DllStart
- <SYSTEM32>\{e69113e2-1313-d8c2-4470-5d6478798841}.dll-uninst.exe
- %TEMP%\nsn3.tmp\NSISdl.dll
- %TEMP%\activation_key
- %TEMP%\nsn2.tmp
- %TEMP%\nsn3.tmp\System.dll
- <SYSTEM32>\{e69113e2-1313-d8c2-4470-5d6478798841}.dll
- %TEMP%\nsn3.tmp\System.dll
- %TEMP%\nsn3.tmp\NSISdl.dll
- %TEMP%\activation_key
- 'ad#.###getedbanner.biz':80
- ad#.###getedbanner.biz/bc/nsi_install.php?af#############################################################################
- DNS ASK ad#.###getedbanner.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''