Техническая информация
- '<SYSTEM32>\taskkill.exe' /im browser.exe
- '<SYSTEM32>\taskkill.exe' /im chrome.exe
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\profonixv12333\sex_vine.cmd" "
- %WINDIR%\profonixv12333\script.js
- %WINDIR%\profonixv12333\manifest.json
- %WINDIR%\profonixv12333\jquery-1.9.1.min.js
- %PROGRAM_FILES%\5.2.312.3.123\pegbo pros\Uninstall.ini
- %PROGRAM_FILES%\5.2.312.3.123\pegbo pros\Uninstall.exe
- %WINDIR%\profonixv12333\sex_vine.cmd
- %WINDIR%\profonixv12333\icon.png
- C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default\Preferences
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %WINDIR%\profonixv12333\background.js
- <LS_APPDATA>\Google\Chrome\User Data\Default\Preferences
- C:\Users\%USERNAME%\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- <SYSTEM32>\PerfStringBackup.TMP
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'