Техническая информация
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\Blizzard Entertainment" C:\02-02-2012_--_blizzard.txt
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\Ubisoft" C:\02-02-2012_--_ubisoft.txt
- <SYSTEM32>\ftp.exe -s:%TEMP%\sendtoftp.log
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\GSC Game World" C:\02-02-2012_--_gsc.txt
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\Electronic Arts" C:\02-02-2012_--_ea.txt
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\THQ" C:\02-02-2012_--_thq.txt
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\ACTIVISION" C:\02-02-2012_--_activision.txt
- <SYSTEM32>\reg.exe EXPORT "HKEY_LOCAL_MACHINE\SOFTWARE\Valve\" C:\02-02-2012_--_valve.txt
- <SYSTEM32>\reg.exe EXPORT "HKEY_CURRENT_USER\Software\HLSW\Player Names" C:\02-02-2012_--_hlsw_name.txt
- %TEMP%\sendtoftp.log
- %TEMP%\a82800.bat
- <LS_APPDATA>\Agent.exe
- %TEMP%\a82800.bat
- %TEMP%\a82800.bat
- <LS_APPDATA>\Agent.exe
- %TEMP%\sendtoftp.log
- <DRIVERS>\etc\hosts
- 'ft#.#rivehq.com':21
- 'localhost':1035
- DNS ASK FT#.#rivehq.com
- '<IP-адрес в локальной сети>':1036