Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}\DownloadInformation] 'CODEBASE' = '%PROGRAM_FILES%\Yahoo!\Common\Yinsthelper.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft WinUpdate' = '<SYSTEM32>\msupdte.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'wextract_cleanup0' = 'rundll32.exe <SYSTEM32>\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"'
- '%PROGRAM_FILES%\Yahoo!\Common\YInstBroker.exe' /regserver
- '%TEMP%\IXP000.TMP\yahoo_toolbar_install_helper.exe'
- '%TEMP%\IXP000.TMP\testing.exe'
- %TEMP%\nst2.tmp\nsisProcMgr.dll
- %PROGRAM_FILES%\Yahoo!\Common\YInstHelper.dll
- %PROGRAM_FILES%\Yahoo!\Common\YInstBroker_ExePS.dll
- %PROGRAM_FILES%\Yahoo!\Common\YInstBroker.exe
- %TEMP%\IXP000.TMP\testing.exe
- %TEMP%\IXP000.TMP\yahoo_toolbar_install_helper.exe
- %TEMP%\nst2.tmp\System.dll
- <SYSTEM32>\msupdte.exe
- %TEMP%\IXP000.TMP\testing.exe
- %TEMP%\IXP000.TMP\yahoo_toolbar_install_helper.exe
- %TEMP%\nst2.tmp\nsisProcMgr.dll
- %TEMP%\nst2.tmp\System.dll
- 'lu##.#yffgoal.com':80
- lu##.#yffgoal.com/ppi/testing.exe
- DNS ASK lu##.#yffgoal.com
- ClassName: 'Shell_TrayWnd' WindowName: ''