Техническая информация
- "%TEMP%\~nsuobw.tmp\Fun4IMV6.exe" (загружен из сети Интернет)
- %TEMP%\~nsuobw.tmp\Fun4IMV6.exe
- %TEMP%\~nsuobw.tmp\Fun4IMV6.exe.part
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Fun4IMV6[1].exe
- %TEMP%\wsget.exe
- %TEMP%\~nsuobw.tmp\~data.tmp
- '21#.#19.149.6':80
- 'do####ad.bandoo.com':80
- 21#.#19.149.6/getofferbox.php?di######
- do####ad.bandoo.com/o/0/r/63/Fun4IMV6.exe
- DNS ASK do####ad.bandoo.com