Техническая информация
- '%WINDIR%\iron.exe'
- '%WINDIR%\homet.exe'
- '%WINDIR%\homes.exe'
- '%TEMP%\is-V7J61.tmp\<Имя вируса>.tmp' /SL5="$40036,178117,56832,<Полный путь к вирусу>"
- '%TEMP%\is-452FV.tmp\<Имя вируса>.tmp' /SL5="$40092,178117,56832,<Полный путь к вирусу>" /SILENT
- '%WINDIR%\iron.exe' (загружен из сети Интернет)
- %WINDIR%\is-HJ26J.tmp
- %WINDIR%\is-SK4K6.tmp
- %WINDIR%\is-ODGKU.tmp
- %WINDIR%\unins000.dat
- %ALLUSERSPROFILE%\Desktop\Internet Explorer.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Tarayэcэsэ'nэ Baюlat.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
- %WINDIR%\iron.exe
- %TEMP%\is-KSHRM.tmp\itdownload.dll
- %TEMP%\is-KSHRM.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-V7J61.tmp\<Имя вируса>.tmp
- %TEMP%\is-452FV.tmp\<Имя вируса>.tmp
- %TEMP%\is-I3DBO.tmp\iron.exe
- %TEMP%\is-I3DBO.tmp\itdownload.dll
- %TEMP%\is-I3DBO.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-I3DBO.tmp\itdownload.dll
- %TEMP%\is-I3DBO.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-452FV.tmp\<Имя вируса>.tmp
- %TEMP%\is-I3DBO.tmp\iron.exe
- %TEMP%\is-KSHRM.tmp\itdownload.dll
- %TEMP%\is-KSHRM.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-V7J61.tmp\<Имя вируса>.tmp
- %WINDIR%\is-HJ26J.tmp в %WINDIR%\homet.exe
- %WINDIR%\is-SK4K6.tmp в %WINDIR%\homes.exe
- %WINDIR%\is-ODGKU.tmp в %WINDIR%\unins000.exe
- 'www.tv##.net':80
- www.tv##.net/dosyalar/yeni/iron.exe
- DNS ASK www.tv##.net
- ClassName: 'Shell_TrayWnd' WindowName: ''