Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'yahoo' = '%WINDIR%\yahoo10.exe'
- '%WINDIR%\yahoo10.exe'
- '<Текущая директория>\yahoo10.exe'
- '<SYSTEM32>\netstat.exe'
- '<SYSTEM32>\ipconfig.exe' /all
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\tgsadr.bat
- %WINDIR%\t6.txt
- %WINDIR%\t3.txt
- %WINDIR%\t7.txt
- %WINDIR%\tgsadr.txt
- %WINDIR%\dir.txt
- <Текущая директория>\yahoo10.exe
- %WINDIR%\yahoo10.exe
- %WINDIR%\t1.txt
- %WINDIR%\tgsadr.bat
- %WINDIR%\yahoo10.exe
- %WINDIR%\OEWABLog.txt
- %WINDIR%\tgsadr.txt
- %WINDIR%\dir.txt
- %TEMP%\~DF3B6F.tmp
- %WINDIR%\tgsadr.bat
- 'sm##.gmail.com':465
- DNS ASK sm##.gmail.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'