Техническая информация
- Компонент восстановления системы (SR)
- <SYSTEM32>\taskkill.exe /F /IM YahooMessenger.exe
- <SYSTEM32>\rundll32.exe InetCpl.cpl,ClearMyTracksByProcess 16
- <SYSTEM32>\rundll32.exe InetCpl.cpl,ClearMyTracksByProcess 255
- YahooMessenger.exe
- [<HKCU>\Software\yahoo\pager]
- ClassName: '' WindowName: 'Yahoo! Messenger'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\onlineuser[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\server[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\clinettxt[1].php
- 'dl.##foz.org':80
- 'localhost':1036
- dl.##foz.org/server.php
- dl.##foz.org/key.php
- dl.##foz.org/clinettxt.php
- dl.##foz.org/onlineuser.php
- DNS ASK dl.##foz.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''