Техническая информация
- '%WINDIR%\irontest.exe'
- '%WINDIR%\homet.exe'
- '%WINDIR%\homes.exe'
- '%TEMP%\is-BN809.tmp\<Имя вируса>.tmp' /SL5="$30092,178117,56832,<Полный путь к вирусу>"
- '%TEMP%\is-JBS2I.tmp\<Имя вируса>.tmp' /SL5="$50036,178117,56832,<Полный путь к вирусу>" /SILENT
- '%WINDIR%\irontest.exe' (загружен из сети Интернет)
- %WINDIR%\is-J5U8D.tmp
- %WINDIR%\is-CCLB8.tmp
- %WINDIR%\is-FLPDF.tmp
- %WINDIR%\unins000.dat
- %ALLUSERSPROFILE%\Desktop\Internet Explorer.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Tarayэcэsэ'nэ Baюlat.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
- %WINDIR%\irontest.exe
- %TEMP%\is-0695G.tmp\itdownload.dll
- %TEMP%\is-0695G.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-BN809.tmp\<Имя вируса>.tmp
- %TEMP%\is-JBS2I.tmp\<Имя вируса>.tmp
- %TEMP%\is-FEPPO.tmp\irontest.exe
- %TEMP%\is-FEPPO.tmp\itdownload.dll
- %TEMP%\is-FEPPO.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-FEPPO.tmp\itdownload.dll
- %TEMP%\is-FEPPO.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-JBS2I.tmp\<Имя вируса>.tmp
- %TEMP%\is-FEPPO.tmp\irontest.exe
- %TEMP%\is-0695G.tmp\itdownload.dll
- %TEMP%\is-0695G.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-BN809.tmp\<Имя вируса>.tmp
- %WINDIR%\is-J5U8D.tmp в %WINDIR%\homet.exe
- %WINDIR%\is-CCLB8.tmp в %WINDIR%\homes.exe
- %WINDIR%\is-FLPDF.tmp в %WINDIR%\unins000.exe
- 'www.tv##.net':80
- www.tv##.net/dosyalar/yeni/irontest.exe
- DNS ASK www.tv##.net
- ClassName: 'Shell_TrayWnd' WindowName: ''