Technical Information
- <SYSTEM32>\cdosys.dll
- <SYSTEM32>\dllcache\cdosys.dll with <SYSTEM32>\dllcache\cdosys.dll.new
- <SYSTEM32>\cdosys.dll with <SYSTEM32>\cdosys.dll.new
- hidden files
- file extensions
- Windows Task Manager (Taskmgr)
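- %WINDIR%\rar\WinRAR.exe a -t -m0 -r -y -ibck %WINDIR%\system.rar %WINDIR%\CS7\ (archives the %WINDIR%\CS7\ folder recursively into %WINDIR%\system.rar, uncompressed, with WinRAR running in the background)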
- <SYSTEM32>\regsvr32.exe /s cdosys.dll
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %WINDIR%\1.jpg
- <SYSTEM32>\wscript.exe "%WINDIR%\cs7.vbe"
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\cookies.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\downloads.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\compatibility.ini
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\content-prefs.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\formhistory.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\key3.db
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\extensions.ini
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\extensions.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\chromeappsstore.sqlite
- %WINDIR%\CS7\Explorer\index.dat
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\bookmarkbackups\bookmarks-2011-11-10.json
- %WINDIR%\Firefox\cwdgt0y8.default\webappsstore.sqlite
- <SYSTEM32>\cdosys.dll.new
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\chrome\userChrome-example.css
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\chrome\userContent-example.css
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\bookmarks.html
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\cert8.db
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\signons.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\webappsstore.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\sessionstore.bak
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\sessionstore.js
- %TEMP%\tmp1.tmp
- %TEMP%\tmp2.tmp
- <SYSTEM32>\dllcache\cdosys.dll.new
- %WINDIR%\system.rar
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\secmod.db
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\permissions.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\places.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\localstore.rdf
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\mimeTypes.rdf
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\search.json
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\search.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\pluginreg.dat
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\prefs.js
- %WINDIR%\Firefox\cwdgt0y8.default\chrome\userChrome-example.css
- %WINDIR%\Firefox\cwdgt0y8.default\chrome\userContent-example.css
- %WINDIR%\Firefox\cwdgt0y8.default\bookmarks.html
- %WINDIR%\Firefox\cwdgt0y8.default\cert8.db
- %WINDIR%\Firefox\cwdgt0y8.default\content-prefs.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\cookies.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\chromeappsstore.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\compatibility.ini
- %WINDIR%\Firefox\cwdgt0y8.default\bookmarkbackups\bookmarks-2011-11-10.json
- %WINDIR%\rar\rarreg.key
- %WINDIR%\rar\WinRAR.exe
- %WINDIR%\cs7.vbe
- %WINDIR%\1.jpg
- %HOMEPATH%\Recent\WINDOWS.lnk
- %WINDIR%\Explorer\index.dat
- %WINDIR%\cdosys.dll
- %HOMEPATH%\Recent\1.lnk
- %WINDIR%\Firefox\cwdgt0y8.default\search.json
- %WINDIR%\Firefox\cwdgt0y8.default\search.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\pluginreg.dat
- %WINDIR%\Firefox\cwdgt0y8.default\prefs.js
- %WINDIR%\Firefox\cwdgt0y8.default\sessionstore.js
- %WINDIR%\Firefox\cwdgt0y8.default\signons.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\secmod.db
- %WINDIR%\Firefox\cwdgt0y8.default\sessionstore.bak
- %WINDIR%\Firefox\cwdgt0y8.default\places.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\extensions.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\formhistory.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\downloads.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\extensions.ini
- %WINDIR%\Firefox\cwdgt0y8.default\mimeTypes.rdf
- %WINDIR%\Firefox\cwdgt0y8.default\permissions.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\key3.db
- %WINDIR%\Firefox\cwdgt0y8.default\localstore.rdf
- %WINDIR%\cs7.vbe
- %WINDIR%\Firefox\cwdgt0y8.default\extensions.ini
- %WINDIR%\Firefox\cwdgt0y8.default\downloads.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\cookies.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\extensions.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\localstore.rdf
- %WINDIR%\Firefox\cwdgt0y8.default\key3.db
- %WINDIR%\Firefox\cwdgt0y8.default\formhistory.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\content-prefs.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\cert8.db
- %WINDIR%\Firefox\cwdgt0y8.default\bookmarks.html
- %WINDIR%\Firefox\cwdgt0y8.default\bookmarkbackups\bookmarks-2011-11-10.json
- %WINDIR%\Firefox\cwdgt0y8.default\chrome\userChrome-example.css
- %WINDIR%\Firefox\cwdgt0y8.default\compatibility.ini
- %WINDIR%\Firefox\cwdgt0y8.default\chromeappsstore.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\chrome\userContent-example.css
- %WINDIR%\Firefox\cwdgt0y8.default\mimeTypes.rdf
- %WINDIR%\Firefox\cwdgt0y8.default\webappsstore.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\signons.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\sessionstore.js
- %WINDIR%\1.jpg
- %WINDIR%\cs7.vbe
- %WINDIR%\system.rar
- %WINDIR%\cdosys.dll
- %WINDIR%\Firefox\cwdgt0y8.default\sessionstore.bak
- %WINDIR%\Firefox\cwdgt0y8.default\pluginreg.dat
- %WINDIR%\Firefox\cwdgt0y8.default\places.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\permissions.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\prefs.js
- %WINDIR%\Firefox\cwdgt0y8.default\secmod.db
- %WINDIR%\Firefox\cwdgt0y8.default\search.sqlite
- %WINDIR%\Firefox\cwdgt0y8.default\search.json
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\downloads.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\cookies.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\content-prefs.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\extensions.ini
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\key3.db
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\formhistory.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\extensions.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\compatibility.ini
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\bookmarks.html
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\bookmarkbackups\bookmarks-2011-11-10.json
- %WINDIR%\CS7\Explorer\index.dat
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\cert8.db
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\chromeappsstore.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\chrome\userContent-example.css
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\chrome\userChrome-example.css
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\localstore.rdf
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\signons.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\sessionstore.js
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\sessionstore.bak
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\webappsstore.sqlite
- %WINDIR%\Explorer\index.dat
- %WINDIR%\rar\WinRAR.exe
- %WINDIR%\rar\rarreg.key
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\secmod.db
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\places.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\permissions.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\mimeTypes.rdf
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\pluginreg.dat
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\search.sqlite
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\search.json
- %WINDIR%\CS7\Firefox\cwdgt0y8.default\prefs.js
- '94.##0.191.201':25 (port 25 is the standard SMTP port)
- DNS ASK sm##.mail.ru (DNS query for this host name)
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: 'WinRarWindow' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''