Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'blackXSetup' = '%APPDATA%\svcsystem.exe'
- '%APPDATA%\svcsystem.exe'
- '%TEMP%\7zS1.tmp\Setup.exe'
- opera.exe
- safari.exe
- chrome.exe
- firefox.exe
- iexplore.exe
- <SYSTEM32>\d3d9caps.dat
- %TEMP%\7zS1.tmp\svcsystem.exe
- %TEMP%\7zS1.tmp\Setup.exe
- <SYSTEM32>\d3d9caps.tmp
- %TEMP%\354B8.dmp
- %TEMP%\dw.log
- %APPDATA%\svcsystem.exe
- %TEMP%\7zS1.tmp\Data.xml
- %TEMP%\7zS1.tmp\svcsystem.exe.config
- %TEMP%\7zS1.tmp\Setup.exe.config
- %TEMP%\7zS1.tmp\HtmlAgilityPack.xml
- %TEMP%\7zS1.tmp\System.Data.Entity.dll
- %TEMP%\7zS1.tmp\System.Data.DataSetExtensions.dll
- %TEMP%\7zS1.tmp\HtmlAgilityPack.dll
- <SYSTEM32>\d3d9caps.dat
- <SYSTEM32>\d3d9caps.tmp в <SYSTEM32>\d3d9caps.dat
- 'wp#d':80
- 'wh#####yipaddress.com':80
- 'localhost':1037
- 'br###free.net':80
- wh#####yipaddress.com/
- wp#d/wpad.dat
- br###free.net/ads.html
- DNS ASK wh#####yipaddress.com
- DNS ASK wp#d
- DNS ASK br###free.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''