Техническая информация
- '%TEMP%\Funshion_setup.exe' /S
- '%TEMP%\setup_h2001943.exe' /S
- '%TEMP%\update.exe'
- '%TEMP%\Funshion_setup.exe' (загружен из сети Интернет)
- '%TEMP%\setup_h2001943.exe' (загружен из сети Интернет)
- '<SYSTEM32>\attrib.exe' +s +h "<Имя диска съемного носителя>:\fontpage"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\3.tmp\encrypt.bat" "
- %TEMP%\setup_h2001943.exe
- %TEMP%\3.tmp\encrypt.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mycf[1]
- %TEMP%\Funshion_setup.exe
- %TEMP%\23
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\nsd2.tmp\NSISdl.dll
- %TEMP%\update.exe
- %TEMP%\nsd2.tmp\NSISdl.dll
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\setup_h2001943.exe
- %TEMP%\Funshion_setup.exe
- 'localhost':1039
- 'www.my##.info':80
- 'cp#.#38wan.com':80
- 'ne#####.funshion.com':80
- www.my##.info/
- ne#####.funshion.com/download/silent/67230/FunshionInstall.exe
- cp#.#38wan.com/setup_h2001943.exe
- DNS ASK www.my##.info
- DNS ASK ne#####.funshion.com
- DNS ASK cp#.#38wan.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'