Техническая информация
- %TEMP%\6949559\ymdc.exe /guid
- %TEMP%\GLB3.tmp 4736 %TEMP%\nsd2.tmp\MSGR8F~1.EXE
- %TEMP%\nsd2.tmp\msgr8fr.2008.03.28.01.exe
- [<HKCU>\Software\yahoo\pager]
- %TEMP%\6949559\~GLH0008.TMP
- %TEMP%\6949559\~GLH0009.TMP
- %TEMP%\6949559\~GLH0007.TMP
- %TEMP%\6949559\~GLH0005.TMP
- %TEMP%\6949559\~GLH0006.TMP
- %TEMP%\6949559\~GLH000a.TMP
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bill1_anim[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\bill1_text_fr[1].gif
- %TEMP%\nskE.tmp\Base64.dll
- %TEMP%\nskE.tmp\System.dll
- %TEMP%\GLC4.tmp
- %TEMP%\GLK5.tmp
- %TEMP%\GLB3.tmp
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\nsd2.tmp\msgr8fr.2008.03.28.01.exe
- %TEMP%\GLM6.tmp
- %TEMP%\6949559\~GLH0003.TMP
- %TEMP%\6949559\~GLH0004.TMP
- %TEMP%\6949559\~GLH0002.TMP
- %TEMP%\6949559\~GLH0000.TMP
- %TEMP%\6949559\~GLH0001.TMP
- %TEMP%\nskE.tmp\System.dll
- %TEMP%\nskE.tmp\Base64.dll
- '67.##5.160.76':80
- 'us.##.yimg.com':80
- 'localhost':1035
- 67.##5.160.76/ycontent/stats.php?ve###################################################################
- us.##.yimg.com/us.yimg.com/i/us/msg/8/bill/bill1_text_fr.gif
- us.##.yimg.com/us.yimg.com/i/us/msg/8/bill/bill1_anim.gif
- DNS ASK in#####.msg.yahoo.com
- DNS ASK us.##.yimg.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''