Техническая информация
- %PROGRAM_FILES%\pipi_204_104417.exe /sp- /verysilent /suppressmsgboxes /norestart
- %PROGRAM_FILES%\FunshionInstall_C54240.exe /S
- %PROGRAM_FILES%\pipi_204_104417.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\FunshionInstall_C54240.exe (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\pipi_204_104417[1].exe
- %PROGRAM_FILES%\pipi_204_104417.exe
- %PROGRAM_FILES%\FunshionInstall_C54240.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\download[1].php
- 'www.do####englingxiu.cn':80
- 'ne#####.funshion.com':80
- 'localhost':1036
- www.do####englingxiu.cn/pipi_204_104417.exe
- ne#####.funshion.com/software/download.php?id########################################
- DNS ASK www.do####englingxiu.cn
- DNS ASK ne#####.funshion.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''