Техническая информация
- "%TEMP%\FunshionInstall.exe" (загружен из сети Интернет)
- "%TEMP%\txtbook.exe" (загружен из сети Интернет)
- %WINDIR%\regedit.exe -s ""%TEMP%\ime""
- %WINDIR%\ime\vbs\pp.vbs
- %WINDIR%\ime\netsecc\ime.dll
- %PROGRAM_FILES%\Internet Explorer\22.ico
- %TEMP%\FunshionInstall.exe
- %TEMP%\txtbook.exe
- %TEMP%\nsl2.tmp\NSISdl.dll
- %PROGRAM_FILES%\Internet Explorer\21.ico
- %TEMP%\22
- %TEMP%\21
- %TEMP%\nsl2.tmp\System.dll
- %WINDIR%\ime\vbs\pp
- %WINDIR%\ime\netsecc\cc
- %TEMP%\ime
- %TEMP%\nsl2.tmp\NSISdl.dll
- %TEMP%\nsl2.tmp\System.dll
- %TEMP%\txtbook.exe
- %TEMP%\FunshionInstall.exe
- 'ne#####.funshion.com':80
- 'bo##.17wyd.com':80
- ne#####.funshion.com/download/silent/67230/FunshionInstall.exe
- bo##.17wyd.com/down_100/setup_0.exe
- DNS ASK ne#####.funshion.com
- DNS ASK bo##.17wyd.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''