Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\WinUrl.url
- %ALLUSERSPROFILE%\Application Data\{b2051649-6415-f5a9-6f6a-1cc162d30b19}\services_update.exe
- %ALLUSERSPROFILE%\Application Data\{b2051649-6415-f5a9-6f6a-1cc162d30b19}\services_update.exe
- 'wp#d':80
- '5.###.231.110':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://5.###.231.110/supreme/files/toolset.txt
- DNS ASK wp#d
- '<SYSTEM32>\schtasks.exe' /create /tn WinUrl /tr C:\\Documents and Settings\\All Users\\Application Data\\{b2051649-6415-f5a9-6f6a-1cc162d30b19}\\services_update.exe /sc minute /F