Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windowlet' = '%PROGRAM_FILES%\Windowlet\windowlet.exe'
- '%PROGRAM_FILES%\Windowlet\wletins.exe' <Полный путь к вирусу>
- '<SYSTEM32>\cmd.exe' /c \fdos.bat
- %PROGRAM_FILES%\Windowlet\wletdo.ini
- %TEMP%\nsd2.tmp\System.dll
- C:\fdos.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cnt_inst[1].htm
- %PROGRAM_FILES%\Windowlet\wletins.exe
- %PROGRAM_FILES%\Windowlet\Windowlet.exe
- %PROGRAM_FILES%\Windowlet\Windowlets.dll
- %PROGRAM_FILES%\Windowlet\Windowset.exe
- %PROGRAM_FILES%\Windowlet\Uninstall.exe
- %PROGRAM_FILES%\Windowlet\wletins.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cnt_inst[1].htm
- %TEMP%\nsd2.tmp\System.dll
- 'wi###wlet.net':80
- wi###wlet.net/_app/cnt_inst.php
- DNS ASK wi###wlet.net