Техническая информация
- '%TEMP%\nsb2.tmp\ymsgr_suite_setup.exe' /yfn=msgr11us.exe /ybsini=%TEMP%\nsb2.tmp\BOOTST~1.INI
- '<SYSTEM32>\12345.exe'
- '<SYSTEM32>\msgr11us.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\nsy4.tmp\InetLoad_vms.dll
- %TEMP%\nsy4.tmp\System.dll
- %TEMP%\nsb2.tmp\YExecShell.dll
- %TEMP%\nsy4.tmp\nsd5.tmp.htm
- %TEMP%\nsy4.tmp\nsj8.tmp.htm
- %TEMP%\nsy4.tmp\nsy7.tmp.htm
- %TEMP%\nsy4.tmp\nsv6.tmp.htm
- %TEMP%\nsb2.tmp\System.dll
- <SYSTEM32>\msgr11us.exe
- <SYSTEM32>\12345.exe
- %TEMP%\nsb2.tmp\sqlite3.dll
- %TEMP%\nsb2.tmp\ymsgr_suite_setup.exe
- %TEMP%\nsb2.tmp\Base64.dll
- %TEMP%\nsb2.tmp\bootstrap.ini
- %TEMP%\nsy4.tmp\nsj8.tmp.htm
- %TEMP%\nsy4.tmp\nsy7.tmp.htm
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\messenger.yahoo[1]
- %TEMP%\nsy4.tmp\nsd5.tmp.htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\messenger.yahoo[1]
- %TEMP%\nsy4.tmp\nsv6.tmp.htm
- '67.##5.160.76':80
- '67.##5.160.76':443
- 67.##5.160.76/
- DNS ASK me####ger.yahoo.com
- DNS ASK rd.####ware.yahoo.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''