Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\yahoo.exe' = '%TEMP%\yahoo.exe:*:Enabled:yahoo.exe'
- '%TEMP%\yahoo.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%TEMP%\yahoo.exe" "yahoo.exe" ENABLE
- <LS_APPDATA>\IsolatedStorage\gv3eo3lo.4yd\iqbpagvy.l11\StrongName.jgqnkyhfm0vzrs0f4tmhizmxhuog4kya\AssemFiles\714832E2\Usages.bin
- <LS_APPDATA>\IsolatedStorage\gv3eo3lo.4yd\iqbpagvy.l11\StrongName.jgqnkyhfm0vzrs0f4tmhizmxhuog4kya\info.dat
- %TEMP%\yahoo.exe
- <LS_APPDATA>\IsolatedStorage\gv3eo3lo.4yd\iqbpagvy.l11\StrongName.jgqnkyhfm0vzrs0f4tmhizmxhuog4kya\identity.dat
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'