Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup1\TM.lnk
- '%PROGRAM_FILES%\snss.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\123.bat" "
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\Thunder.dll"
- %PROGRAM_FILES%\Internet Explorer\<Имя вируса>.exe
- <SYSTEM32>\Thunder.dll
- %TEMP%\123.txt
- C:\2.lnk
- C:\1.lnk
- <SYSTEM32>\sysini.ini
- <SYSTEM32>\csys.dat
- %PROGRAM_FILES%\snss.exe
- %TEMP%\~DF6D0.tmp
- C:\2.lnk
- C:\1.lnk
- %TEMP%\123.txt в %TEMP%\123.bat
- 'www.so##009.com':80
- 'localhost':1035
- DNS ASK www.so##009.com