Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BlackCloudService] 'ImagePath' = '"%ProgramFiles%\BlackCloud\bcservice.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\BlackCloudService] 'Start' = '00000002'
- '%ProgramFiles%\BlackCloud\bcservice.exe' (загружен из сети Интернет)
- '%ProgramFiles%\BlackCloud\bcservice.exe'
- '<SYSTEM32>\schtasks.exe' /Create /RU SYSTEM /SC ONSTART /TN BCService /TR "%ProgramFiles%\BlackCloud\update.exe" /F /DELAY 0001:00 /RL HIGHEST
- %ProgramFiles%\BlackCloud\update.exe
- %ProgramFiles%\BlackCloud\bcservice.exe
- %ProgramFiles%\BlackCloud\uid.dat
- <Текущая директория>\new_update.exe
- <Текущая директория>\update_debug.log
- 'ww##.diablo.lt':80
- http://ww##.diablo.lt/con/files/user_client.exe
- http://ww##.diablo.lt/con/files/update.exe
- DNS ASK ww##.diablo.lt
- ClassName: 'Shell_TrayWnd' WindowName: ''