Техническая информация
- '%APPDATA%\Zona\tmp\130864359336093750jre_packed.exe' %PROGRAM_FILES%\Zona
- '%APPDATA%\Zona\tmp\130864359336093750jre_packed.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cscript.exe' //NoLogo %TEMP%\hd.vbs
- %PROGRAM_FILES%\Zona\License_uk.rtf
- %PROGRAM_FILES%\Zona\License_en.rtf
- %APPDATA%\Zona\tmp\130864359336093750jre_packed.exe
- %PROGRAM_FILES%\Zona\License_ru.rtf
- %TEMP%\hd.vbs
- %TEMP%\pin5.tmp
- %PROGRAM_FILES%\Zona\utils.jar
- 'dl.##nainst.com':80
- 'st##.#iniload.org':80
- http://dl.##nainst.com/jre_packed.exe
- http://st##.#iniload.org/getActiveCampaigns?us##################
- DNS ASK dl.##nainst.com
- DNS ASK st##.#iniload.org
- ClassName: 'Shell_TrayWnd' WindowName: ''