Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\.NET Update Manager] 'Start' = '00000002'
- %TEMP%\nse2.tmp\ymsgr_suite_setup.exe /yfn=inf4D2.tmp /ybsini=%TEMP%\nse2.tmp\BOOTST~1.INI
- %TEMP%\inf4D2.tmp
- <SYSTEM32>\NetUpdate.exe
- %TEMP%\nse2.tmp\ymsgr_suite_setup.exe
- %TEMP%\nse2.tmp\Base64.dll
- %TEMP%\nse2.tmp\YExecShell.dll
- %TEMP%\nsb4.tmp\InetLoad_vms.dll
- %TEMP%\nsb4.tmp\System.dll
- <SYSTEM32>\NetUpdate.exe
- %TEMP%\inf4D2.tmp
- C:\activeService.txt
- %TEMP%\nse2.tmp\bootstrap.ini
- %TEMP%\nse2.tmp\System.dll
- '67.##5.160.76':80
- 67.##5.160.76/dl/msgr10/us/ymsgr10_us.ini?p=###
- DNS ASK do####ad.yahoo.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''