Техническая информация
- %PROGRAM_FILES%\FunshionInstall_C1385.exe (загружен из сети Интернет) /S
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\download[1].php
- %TEMP%\nsa2.tmp\KillProcDLL.dll
- %PROGRAM_FILES%\FunshionInstall_C1385.exe
- %TEMP%\nsa2.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\download[1].php
- %TEMP%\nsa2.tmp\KillProcDLL.dll
- %TEMP%\nsa2.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\download[1].php
- 'ne#####.funshion.com':80
- ne#####.funshion.com/software/download.php?id#######################################
- DNS ASK ne#####.funshion.com
- ClassName: 'Shell_TrayWnd' WindowName: ''