Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\yahoo.exe' = '%TEMP%\yahoo.exe:*:Enabled:yahoo.exe'
- '%TEMP%\yahoo.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\yahoo.exe" "yahoo.exe" ENABLE
- <LS_APPDATA>\IsolatedStorage\0vkcfnwr.rgv\y03kmpka.2xw\StrongName.5ukqpih0ya0izltzmsyunlpmmggejxky\AssemFiles\8C926453\Usages.bin
- <LS_APPDATA>\IsolatedStorage\0vkcfnwr.rgv\y03kmpka.2xw\StrongName.5ukqpih0ya0izltzmsyunlpmmggejxky\info.dat
- %TEMP%\yahoo.exe
- <LS_APPDATA>\IsolatedStorage\0vkcfnwr.rgv\y03kmpka.2xw\StrongName.5ukqpih0ya0izltzmsyunlpmmggejxky\identity.dat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'