Техническая информация
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe' /silent /codebase "%APPDATA%\Founder Systems\ie2.dll"
- firefox.exe
- opera.exe
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome\content\helper.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome\content\browser.xul
- %TEMP%\tmp2.tmp
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome\content\linkTargetFinder.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\icon.png
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\install.rdf
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome.manifest
- %APPDATA%\Founder Systems\manifest.json
- %APPDATA%\Founder Systems\home.js
- %TEMP%\tmp1.tmp
- %APPDATA%\Founder Systems\icon_32.png
- %APPDATA%\Founder Systems\ie2.dll
- %APPDATA%\Founder Systems\icon.png
- %APPDATA%\Founder Systems\icon_16.png
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp1.tmp
- %TEMP%\tmp2.tmp
- DNS ASK wp#d