Техническая информация
- '%WINDIR%\explorer.exe' /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
- '<SYSTEM32>\wermgr.exe' -queuereporting
- '%WINDIR%\explorer.exe' "http://21#.#3.21.219/trk/att.php?id#########
- '%WINDIR%\explorer.exe' "http://in######.bee.vimpelcom.ru/SubPages.aspx?pi######
- %TEMP%\Em9eKsAv.php.part
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\places.sqlite-wal
- <LS_APPDATA>\Mozilla\Firefox\Profiles\zp7tnb55.default\urlclassifier3.sqlite-journal
- %TEMP%\hSUydkFJ.php.part
- %TEMP%\igEGypIQ.aspx.part
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\prefs-1.js
- %APPDATA%\Roaming\Mozilla\Firefox\Profiles\zp7tnb55.default\sessionstore.bak
- %TEMP%\nsj1890.tmp\ShellLink.dll
- %TEMP%\nsj1890.tmp\System.dll
- <LS_APPDATA>\Mozilla\Firefox\Profiles\zp7tnb55.default\urlclassifier3.sqlite-journal
- %TEMP%\nsj1890.tmp\System.dll
- %TEMP%\nsj1890.tmp\ShellLink.dll
- '21#.#3.21.219':80
- 'in######.bee.vimpelcom.ru':80
- 'localhost':49158
- 'localhost':49160
- in######.bee.vimpelcom.ru/SubPages.aspx?pi######
- 21#.#3.21.219/trk/att.php?id#########
- DNS ASK in######.bee.vimpelcom.ru
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'OleMainThreadWndClass' WindowName: '(null)'
- ClassName: 'FirefoxMessageWindow' WindowName: '(null)'