Техническая информация
- '%TEMP%\Server.exe' (загружен из сети Интернет)
- '%TEMP%\is-P61BA.tmp\TempSetup_Tabuk_Fb_Sniper_Trial_2_0.tmp' /SL5="$200E0,2234566,152064,%HOMEPATH%\Local Settings\TempSetup_Tabuk_Fb_Sniper_Trial_2_0.exe"
- '%HOMEPATH%\Local Settings\TempSetup_Tabuk_Fb_Sniper_Trial_2_0.exe'
- '%TEMP%\Server.exe'
- %TEMP%\is-P61BA.tmp\TempSetup_Tabuk_Fb_Sniper_Trial_2_0.tmp
- %HOMEPATH%\Local Settings\TempSetup_Tabuk_Fb_Sniper_Trial_2_0.exe
- %TEMP%\Server.exe
- 'ww####.zippyshare.com':80
- 'wp#d':80
- http://ww####.zippyshare.com/d/rvmW7jP8/7146833/Server.exe
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK ww####.zippyshare.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''