Техническая информация
- [<HKLM>\SOFTWARE\Classes\PROTOCOLS\Filter\text/html] 'CLSID' = '{03415755-4F24-4022-B1C8-4116A0A145B1}'
- '%TEMP%\ha_80054.exe' "%WINDIR%\tempaq" 80054
- '%WINDIR%\tempaq' 80054
- '%TEMP%\SkypeClient.exe'
- '%TEMP%\ha_80054.exe'
- '%WINDIR%\tempaq' (загружен из сети Интернет)
- '<SYSTEM32>\regsvr32.exe' %WINDIR%\Thunder5_1.dll -s
- '<SYSTEM32>\regsvr32.exe' c:\C7540AA3.dll -s
- %TEMP%\tempaq
- C:\C7540AA3.dll
- %WINDIR%\Thunder5_1.dll
- C:\Fq860d.log
- %TEMP%\SkypeClient.exe
- %TEMP%\ha_80054.exe
- %WINDIR%\Thunder5_1.dll
- C:\C7540AA3.dll
- %TEMP%\tempaq в %WINDIR%\tempaq
- 'im###.yahoo550.com/image/logo.jpg?queryid=80054':80
- im###.yahoo550.com/image/logo.jpg?queryid=80054/image.yahoo550.com/image/logo.jpg?qu###########
- DNS ASK im###.yahoo550.com/image/logo.jpg?queryid=80054
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'