Техническая информация
- %TEMP%\Intel.exe (загружен из сети Интернет)
- %TEMP%\msdevk.exe
- <SYSTEM32>\ping.exe -n 3 127.0.0.1
- <SYSTEM32>\cmd.exe /c ""%TEMP%\Del.bat" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\FunshionInstall[1].exe
- %TEMP%\Intel.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\FunshionInstall[1].exe
- %PROGRAM_FILES%\FunshionInstall_C107941.exe
- %TEMP%\Del.dat
- %TEMP%\msdevk.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ie[1].bmp
- %TEMP%\Del.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\FunshionInstall[1].exe
- %TEMP%\Del.dat
- 'localhost':1038
- 'd.##587.com':80
- 'vi#.#aqio.com':9999
- d.##587.com/FunshionInstall.exe
- d.##587.com/ie.bmp
- DNS ASK d.##587.com
- DNS ASK vi#.#aqio.com
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Shell_TrayWnd' WindowName: ''