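Техническая информация
Подзаголовков у приведённого ниже списка нет; судя по виду записей, в нём подряд идут: командные строки запускаемых процессов (runme.exe, WScript.exe с test.vbs, cmd.exe с exec.cmd), пути к файлам в %TEMP% и в профиле Firefox, сетевые узлы с портами, адреса ресурсов (узел и путь), DNS-запросы и классы окон. Часть путей встречается дважды — вероятно, они относятся к разным операциям с файлами; к каким именно, из списка не видно. Символы «#» в именах узлов, по-видимому, скрывают часть имени, поэтому такие строки не годятся как точные индикаторы для поиска и блокировки, пока полное имя не восстановлено.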
- '%TEMP%\runme.exe'
- '<SYSTEM32>\WScript.exe' "%TEMP%\test.vbs"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\exec.cmd" "
- %TEMP%\nsiC1D9.tmp\ShellLink.dll
- %TEMP%\nsiC1D9.tmp\System.dll
- %TEMP%\bd60EB+H.php.part
- <LS_APPDATA>\Mozilla\Firefox\Profiles\zp7tnb55.default\urlclassifier3.sqlite-journal
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\downloads.sqlite
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\downloads.sqlite-journal
- %TEMP%\js.log
- %TEMP%\test.vbs
- %TEMP%\runme.exe
- %TEMP%\exec.cmd
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\prefs-1.js
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\places.sqlite-wal
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\sessionstore.bak
- <LS_APPDATA>\Mozilla\Firefox\Profiles\zp7tnb55.default\urlclassifier3.sqlite-journal
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\downloads.sqlite-journal
- %TEMP%\nsiC1D9.tmp\ShellLink.dll
- %TEMP%\nsiC1D9.tmp\System.dll
- 'ge###iles16.ru':80
- 'fx####s.mozilla.com':80
- 'localhost':49158
- 'localhost':49160
- fx####s.mozilla.com/en-US/firefox/headlines.xml
- ge###iles16.ru/file/download1.php
- DNS ASK fx####s.mozilla.com
- DNS ASK ge###iles16.ru
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'FirefoxMessageWindow' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'