Техническая информация
- %WINDIR%\Temp\Virus.exe
- %WINDIR%\Temp\hack.exe
- <SYSTEM32>\taskkill.exe /im chrome.exe
- <SYSTEM32>\taskkill.exe /im iexplore.exe
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\browsers.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\Temp\invisible.vbs" "%WINDIR%\Temp\cookies.bat"
- <SYSTEM32>\taskkill.exe /im mozilla.exe
- <SYSTEM32>\taskkill.exe /im opera.exe
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\cookies.bat" "
- <SYSTEM32>\taskkill.exe /im safari.exe
- <SYSTEM32>\xcopy.exe /s /y %WINDIR%\Temp\hosts.bat C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\"Start Menu"\Programs\Startup
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\apps.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\Temp\invisible.vbs" "%WINDIR%\Temp\internet.bat"
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\server.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\Temp\invisible.vbs" "%WINDIR%\Temp\apps.bat"
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\copy.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\Temp\invisible.vbs" "%WINDIR%\Temp\browsers.bat"
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\Temp\internet.bat" "
- <SYSTEM32>\wscript.exe "%WINDIR%\Temp\invisible.vbs" "%WINDIR%\Temp\copy.bat"
- %WINDIR%\Temp\server.bat
- %WINDIR%\Temp\invisible.vbs
- %WINDIR%\Temp\apps.bat
- %WINDIR%\Temp\cookies.bat
- %WINDIR%\Temp\browsers.bat
- %WINDIR%\Temp\hack.exe
- %WINDIR%\Temp\Virus.exe
- %WINDIR%\Temp\copy.bat
- %WINDIR%\Temp\internet.bat
- %WINDIR%\Temp\hosts.bat
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''