Техническая информация
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\64AB.tmp\Q.bat" "
- <LS_APPDATA>\Mozilla\Firefox\Profiles\zp7tnb55.default\urlclassifier3.sqlite-journal
- %TEMP%\JNCk5Niw.php.part
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\places.sqlite-wal
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\downloads.sqlite
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\downloads.sqlite-journal
- %TEMP%\64AB.tmp\js.log
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\prefs-1.js
- %TEMP%\64AB.tmp\Q.bat
- %TEMP%\nsk94C1.tmp\ShellLink.dll
- %TEMP%\nsk94C1.tmp\System.dll
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\sessionstore.bak
- <LS_APPDATA>\Mozilla\Firefox\Profiles\zp7tnb55.default\urlclassifier3.sqlite-journal
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\downloads.sqlite-journal
- %TEMP%\nsk94C1.tmp\System.dll
- %TEMP%\64AB.tmp\Q.bat
- %TEMP%\nsk94C1.tmp\ShellLink.dll
- 'sp####amedia.com':80
- 'fx####s.mozilla.com':80
- 'localhost':49158
- 'localhost':49160
- fx####s.mozilla.com/en-US/firefox/headlines.xml
- sp####amedia.com/anti-ask_ru/main.php?s=#####
- DNS ASK fx####s.mozilla.com
- DNS ASK sp####amedia.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'FirefoxMessageWindow' WindowName: ''