Technical Information
- '<Full path to virus>'
- '<Full path to virus>' (downloaded from the Internet)
- <Full path to virus>
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\FHStarter[1].MZђ
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\version[1].txt
- from <Full path to virus> to <Full path to virus>.old
- 'to###.#allenheroes.de':80
- to###.#allenheroes.de/starter/FHStarter.MZ?
- to###.#allenheroes.de/starter/version.txt
- DNS ASK to###.#allenheroes.de
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'