Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'bar' = 'C:\Temp\91337e03-fc3f-4959-b06c-3e832a2545fc\OfferApp-2507.exe'
- C:\Temp\91337e03-fc3f-4959-b06c-3e832a2545fc\OfferApp-2507.exe /SP- /suppressmsgboxes /verysilent /noicons /norestart
- C:\Temp\91337e03-fc3f-4959-b06c-3e832a2545fc\OfferApp-2507.exe
- C:\Temp\91337e03-fc3f-4959-b06c-3e832a2545fc\OfferApp-2507.exe
- 'ta####toolbar.com':80
- ta####toolbar.com/eula.cgi?BU#####################################################################################
- DNS ASK ta####toolbar.com