Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FeelWidget' = '%PROGRAM_FILES%\F2Day\Widget\fwidupdater.exe'
- %PROGRAM_FILES%\F2Day\Widget\fwidupdater.exe (загружен из сети Интернет)
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- %WINDIR%\fwiddeldll.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\upsetting[1].dat
- C:\DelUS.bat
- %PROGRAM_FILES%\F2Day\Widget\fwiddll.dll
- %PROGRAM_FILES%\F2Day\Widget\fwiduninst.exe
- %PROGRAM_FILES%\F2Day\Widget\fwidupdater.exe
- %PROGRAM_FILES%\F2Day\Widget\fwidalimi.exe
- 'do##.#eel2day.com':80
- do##.#eel2day.com/widget/main/webmain/fwiddll.dll
- do##.#eel2day.com/widget/main/webmain/fwiddeldll.exe
- do##.#eel2day.com/widget/main/webmain/upsetting.dat
- do##.#eel2day.com/widget/main/webmain/fwiduninst.exe
- do##.#eel2day.com/widget/main/webmain/fwidupdater.exe
- do##.#eel2day.com/widget/main/webmain/fwidalimi.exe
- DNS ASK do##.#eel2day.com