Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GanYahoo' = '%WINDIR%\yahoo blocker.exe'
- ClassName: '' WindowName: 'Yahoo! Messenger'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\info_48[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\3U23MFC9\httpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\bullet[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\background_gradient[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\errorPageStrings[1]
- %WINDIR%\yahoo blocker.exe
- %TEMP%\~DF9F7DFD2007AB8675.TMP
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\ErrorPageTemplate[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\navcancl[1]
- DNS ASK dn#.##ftncsi.com
- DNS ASK pc##.#oze-meshki.ir
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''