Техническая информация
- <Текущая директория>\hpremover.exe -aff_id=remover
- iexplore.exe
- firefox.exe
- chrome.exe
- %PROGRAM_FILES%\Internet Explorer\icons\Arama.ico
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\track_h[1].php
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefs_backup.js
- <Текущая директория>\hpremover.exe
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefsnew.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\prefs.js
- 'cn####ertising.com':80
- 'localhost':1036
- cn####ertising.com/track/track_h.php?af##################################################################
- DNS ASK cn####ertising.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''