Техническая информация
- '%WINDIR%\kurulumyeni.exe'
- '%WINDIR%\homet.exe'
- '%WINDIR%\homes.exe'
- '%TEMP%\is-I6UNC.tmp\<Имя вируса>.tmp' /SL5="$30092,178117,56832,<Полный путь к вирусу>"
- '%TEMP%\is-6U1L7.tmp\<Имя вируса>.tmp' /SL5="$50036,178117,56832,<Полный путь к вирусу>" /SILENT
- '%WINDIR%\kurulumyeni.exe' (загружен из сети Интернет)
- %WINDIR%\is-LBO0K.tmp
- %WINDIR%\is-AG838.tmp
- %WINDIR%\is-62AED.tmp
- %WINDIR%\unins000.dat
- %ALLUSERSPROFILE%\Desktop\Internet Explorer.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Tarayэcэsэ'nэ Baюlat.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
- %WINDIR%\kurulumyeni.exe
- %TEMP%\is-L658C.tmp\itdownload.dll
- %TEMP%\is-L658C.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-I6UNC.tmp\<Имя вируса>.tmp
- %TEMP%\is-6U1L7.tmp\<Имя вируса>.tmp
- %TEMP%\is-3F94M.tmp\kurulumyeni.exe
- %TEMP%\is-3F94M.tmp\itdownload.dll
- %TEMP%\is-3F94M.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-3F94M.tmp\kurulumyeni.exe
- %TEMP%\is-3F94M.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-6U1L7.tmp\<Имя вируса>.tmp
- %TEMP%\is-3F94M.tmp\itdownload.dll
- %TEMP%\is-L658C.tmp\itdownload.dll
- %TEMP%\is-L658C.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-I6UNC.tmp\<Имя вируса>.tmp
- %WINDIR%\is-LBO0K.tmp в %WINDIR%\homet.exe
- %WINDIR%\is-AG838.tmp в %WINDIR%\homes.exe
- %WINDIR%\is-62AED.tmp в %WINDIR%\unins000.exe
- 'www.tv##.net':80
- www.tv##.net/dosyalar/kurulumyeni.exe
- DNS ASK www.tv##.net
- ClassName: 'Shell_TrayWnd' WindowName: ''