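Техническая информация
Ниже перечислены артефакты, относящиеся к описываемому образцу: запускаемые команды и процессы, затрагиваемые файлы и сетевая активность. Подзаголовки разделов в этой выдержке не сохранились, поэтому один и тот же путь встречается несколько раз (по-видимому, в разных разделах — например, среди созданных и среди удалённых файлов). Символы ### в имени домена, судя по всему, скрывают часть адреса в исходном отчёте. Для обнаружения наиболее показательны задача планировщика «Updater», запускающая seupd.exe от имени System каждые 60 минут, а также изменение search.sqlite и появление user.js в профиле Firefox.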
- %TEMP%\sqlite3.exe "%APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\search.sqlite" "UPDATE engine_data SET name = 'order' WHERE engineid LIKE '%google%'"
- %TEMP%\nsl5.tmp\ns6.tmp schtasks /create /sc minute /mo 60 /tn "Updater" /tr "\"%ALLUSERSPROFILE%\Application Data\Update\seupd.exe\"" /ru "System"
- %ALLUSERSPROFILE%\Application Data\Update\seupd.exe
- %TEMP%\nss3.tmp\ns4.tmp %TEMP%\sqlite3.exe "%APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\search.sqlite" "UPDATE engine_data SET name = 'order' WHERE engineid LIKE '%google%'"
- <SYSTEM32>\schtasks.exe /create /sc minute /mo 60 /tn "Updater" /tr "\"%ALLUSERSPROFILE%\Application Data\Update\seupd.exe\"" /ru "System"
- %TEMP%\nsl5.tmp\NSISdl.dll
- %TEMP%\nss3.tmp\registry.dll
- %TEMP%\nss3.tmp\System.dll
- %TEMP%\nsl5.tmp\ns6.tmp
- %TEMP%\nsl5.tmp\nsExec.dll
- %TEMP%\aaaa.txt
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\search.sqlite-journal
- %PROGRAM_FILES%\Mozilla Firefox\searchplugins\google_search.xml
- %TEMP%\sqlite3.exe
- %ALLUSERSPROFILE%\Application Data\Update\seupd.exe
- %TEMP%\nss3.tmp\ns4.tmp
- %TEMP%\nss3.tmp\nsExec.dll
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- %TEMP%\nss3.tmp\registry.dll
- %TEMP%\nss3.tmp\System.dll
- %TEMP%\aaaa.txt
- %TEMP%\nss3.tmp\nsExec.dll
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\search.sqlite-journal
- %TEMP%\nss3.tmp\ns4.tmp
- %TEMP%\sqlite3.exe
- 'www.se###hthis.net':80
- www.se###hthis.net/reg/1020
- DNS ASK www.se###hthis.net
- '<IP-адрес в локальной сети>':1035