Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'nso2e8el4j' = '%HOMEPATH%\nso2e8el4j\12612.vbs'
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- '%HOMEPATH%\nso2e8el4j\acrob32.exe' ueeAenOsY.XNJ
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\nso2e8el4j\12612.vbs
- %HOMEPATH%\nso2e8el4j\40235.cmd
- %TEMP%\P3eigH82cw.ini
- %HOMEPATH%\nso2e8el4j\run.vbs
- %HOMEPATH%\nso2e8el4j\acrob32.exe
- %HOMEPATH%\nso2e8el4j\XazHbU.GAC
- %HOMEPATH%\nso2e8el4j\hULxVqOJNb.VLQ
- %HOMEPATH%\nso2e8el4j\ueeAenOsY.XNJ
- %HOMEPATH%\nso2e8el4j\12612.vbs
- %HOMEPATH%\nso2e8el4j\40235.cmd
- %HOMEPATH%\Start Menu\Programs\Startup\start.lnk
- %HOMEPATH%\nso2e8el4j\hULxVqOJNb.VLQ
- %HOMEPATH%\nso2e8el4j\XazHbU.GAC
- %HOMEPATH%\nso2e8el4j\acrob32.exe
- %HOMEPATH%\nso2e8el4j\ueeAenOsY.XNJ
- %TEMP%\P3eigH82cw.ini
- 'be###r.uni.me':80
- be###r.uni.me/hnd/images/ico/png/maroni/i/index.php?ac###########################################################
- DNS ASK be###r.uni.me
- ClassName: '(null)' WindowName: 'Yahoo! Messenger'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'