Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Yownsyh' = '"%TEMP%\EditorLineEnds.exe"'
- %TEMP%\UpApp32.dll
- %TEMP%\EditorLineEnds.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\flashplayer[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\book[1].png
- %TEMP%\UpApp32.dll
- 'localhost':1039
- 'uv####ts.narod.ru':80
- 'localhost':1037
- 'www.ad##e.com':80
- uv####ts.narod.ru/php/book.png
- www.ad##e.com/products/flashplayer/
- DNS ASK uv####ts.narod.ru
- DNS ASK www.ad##e.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''