Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\System.url
- '%APPDATA%\svcsystem.exe'
- '%TEMP%\RarSFX0\Setup.exe'
- chrome.exe
- iexplore.exe
- firefox.exe
- %APPDATA%\svcsystem.exe
- <SYSTEM32>\d3d9caps.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ads[1].html
- %TEMP%\399EF.dmp
- %TEMP%\dw.log
- <SYSTEM32>\d3d9caps.dat
- %TEMP%\RarSFX0\HtmlAgilityPack.dll
- %TEMP%\RarSFX0\svcsystem.exe
- %TEMP%\RarSFX0\HtmlAgilityPack.xml
- %TEMP%\RarSFX0\Data.xml
- %TEMP%\RarSFX0\Setup.exe
- <SYSTEM32>\d3d9caps.dat
- <SYSTEM32>\d3d9caps.tmp в <SYSTEM32>\d3d9caps.dat
- 'br###free.net':21
- 'wh#####yipaddress.com':80
- 'wp#d':80
- 'localhost':1035
- 'www.br###free.net':80
- wh#####yipaddress.com/
- wp#d/wpad.dat
- www.br###free.net/ads.html
- DNS ASK br###free.net
- DNS ASK wh#####yipaddress.com
- DNS ASK www.br###free.net
- DNS ASK wp#d
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'