Техническая информация
- opera.exe
- chrome.exe
- firefox.exe
- %APPDATA%\Microsoft\Video\mokka.exe
- %APPDATA%\Microsoft\Video\1.bat
- %APPDATA%\Microsoft\Video\home.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome\content\browser.xul
- %APPDATA%\Opera Software\Opera Stable\Extensions\dojgfgknadakhfnaogaipdbdamepeffe\0.9.3_0\home.js
- %APPDATA%\Opera Software\Opera Stable\Extensions\dojgfgknadakhfnaogaipdbdamepeffe\0.9.3_0\manifest.json
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome\content\helper.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome\content\linkTargetFinder.js
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\chrome.manifest
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\extensions\helper@helper\install.rdf
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\Microsoft\Video\1.bat" MyNewApp "Microsoft Windows Video" "%APPDATA%\Microsoft\Video\mokka.exe" CRNJEUFU\%USERNAME%"
- '<SYSTEM32>\schtasks.exe' /Delete /TN "Microsoft Windows Video" /F
- '<SYSTEM32>\schtasks.exe' /Delete /TN GoogleUpdateTaskMachineCore /F
- '<SYSTEM32>\schtasks.exe' /Delete /TN GoogleUpdateTaskMachineUA /F
- '<SYSTEM32>\schtasks.exe' /Create /RU "CRNJEUFU\%USERNAME%" /RL "HIGHEST" /SC ONLOGON /TN "Microsoft Windows Video" /TR "\"%APPDATA%\Microsoft\Video\mokka.exe\" 500"