Техническая информация
- C:\pass\Rar.exe a -r C:\pass\pass.rar C:\pass\
- %WINDIR%\system.exe
- %WINDIR%\setup.exe
- %WINDIR%\regedit.exe -ea C:\pass\MailAgent\reg\agent.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins2
- <SYSTEM32>\attrib.exe C:\pass +h +s +r
- %WINDIR%\regedit.exe -ea C:\pass\MailAgent\reg\agent_3.reg "HKEY_CURRENT_USER\software\Mail.Ru\Agent\magent_logins3
- <SYSTEM32>\xcopy.exe Mra\Update\ver.txt C:\pass\MailAgent /K /H /G /Q /R /S /Y
- <SYSTEM32>\xcopy.exe Mra\Base C:\pass\MailAgent /K /H /G /Q /R /S /Y /E
- <SYSTEM32>\taskkill.exe /f /im opera.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\5.tmp\system.bat" "
- <SYSTEM32>\taskkill.exe /f /im firefox.exe
- <SYSTEM32>\attrib.exe %WINDIR%\wincs +h +s +r
- <SYSTEM32>\taskkill.exe /f /im chrome.exe
- chrome.exe
- firefox.exe
- opera.exe
- %WINDIR%\wincs\blat.lib
- C:\pass\Mozilla\cookies.sqlite
- %WINDIR%\wincs\svchost.exe
- %WINDIR%\wincs\blat.dll
- C:\pass\Mozilla\key3.db
- C:\pass\Rar.exe
- C:\pass\pass.rar
- C:\pass\Mozilla\signons.sqlite
- C:\pass\Googlх\cookies.sqlite
- %TEMP%\5.tmp\system.bat
- %TEMP%\nss2.tmp\ExecDos.dll
- %WINDIR%\Rar.exe
- %WINDIR%\setup.exe
- %WINDIR%\License.exe
- %WINDIR%\blat.dll
- %WINDIR%\system.exe
- %TEMP%\nsn4.tmp\ExecDos.dll
- %WINDIR%\blat.lib
- %WINDIR%\svchost.exe
- %WINDIR%\Rar.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''