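Техническая информация (ниже перечислены: записи в ключах автозапуска Run реестра, имя процесса, пути к файлам и командные строки запуска rundll32.exe)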
- [\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Mozilla' = 'rundll32.exe "%TEMP%\Mozilla\xzwxggbwp.dll",DllRegisterServer'
- [\REGISTRY\USER\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Mozilla' = 'rundll32.exe "%TEMP%\Mozilla\xzwxggbwp.dll",DllRegisterServer'
- [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Mozilla' = 'rundll32.exe "%TEMP%\Mozilla\xzwxggbwp.dll",DllRegisterServer'
- firefox.exe
- %TEMP%\nskcd9b.tmp
- %TEMP%\nsfcdcb.tmp\xzwxggbwp.dll
- %TEMP%\mozilla\xzwxggbwp.dll
- %HOMEPATH%\application data\mozilla\firefox\profiles\0j9e9tku.default-release\extensions\qyqbkjsgfa@qyqbkjsgfa.org.xpi
- %HOMEPATH%\application data\mozilla\firefox\profiles\bcjnbgva.default\extensions\qyqbkjsgfa@qyqbkjsgfa.org.xpi
- %HOMEPATH%\application data\mozilla\firefox\profiles\yfwt7ezn.default-release-1\extensions\qyqbkjsgfa@qyqbkjsgfa.org.xpi
- %HOMEPATH%\local settings\application data\google\chrome\user data\local state
- %HOMEPATH%\local settings\application data\google\chrome\user data\default\default\aagbdcdedggeggdbgedbdbgbdegedfgf\contentscript.js
- %HOMEPATH%\local settings\application data\google\chrome\user data\default\default\aagbdcdedggeggdbgedbdbgbdegedfgf\background.html
- %HOMEPATH%\local settings\application data\google\chrome\user data\default\default\aagbdcdedggeggdbgedbdbgbdegedfgf\manifest.json
- '%WINDIR%\syswow64\rundll32.exe' "%TEMP%\nsfCDCB.tmp\xzwxggbwp.dll",DllRegisterServer i
- '%WINDIR%\syswow64\rundll32.exe' "%TEMP%\Mozilla\xzwxggbwp.dll",DllRegisterServer