Техническая информация
- '<Текущая директория>\hpremover.exe' -aff_id=remover
- iexplore.exe
- java.exe
- javaw.exe
- firefox.exe
- kb_cli.ex
- kb_cli.exe
- chrome.exe
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefsnew.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefs_backup.js
- %PROGRAM_FILES%\Internet Explorer\icons\Arama.ico
- <Текущая директория>\hpremover.exe
- %HOMEPATH%\Desktop\Internet Explorer.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefs.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefsnew.js в %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefs.js
- 'cn####ertising.com':80
- 'localhost':1038
- cn####ertising.com/track/track_h.php?af##################################################################
- DNS ASK cn####ertising.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''