Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ytbsys' = '<LS_APPDATA>\TempYtbn\ytbsys.exe'
- '<LS_APPDATA>\TempYtbn\ytb_oc.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1004' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1201' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1001' = '00000000'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'CheckExeSignatures' = 'no'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'RunInvalidSignatures' = '00000001'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\NewErrorPageTemplate[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\dnserrordiagoff[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\3U23MFC9\httpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\errorPageStrings[1]
- <LS_APPDATA>\TempYtbn\Interop.SHDocVw.dll
- <LS_APPDATA>\TempYtbn\ytb_oc.exe
- %TEMP%\nsmD855.tmp\System.dll
- <LS_APPDATA>\TempYtbn\ytbsys.exe
- <LS_APPDATA>\TempYtbn\ytb_c.exe
- DNS ASK dn#.##ftncsi.com
- DNS ASK www.ap###illa.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''