Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'tasklost' = '%PROGRAM_FILES% (x86)\Internet Explorer\pt-BR\iedv\common\config\tasklost.exe'
- '%PROGRAM_FILES% (x86)\Internet Explorer\pt-BR\iedv\common\config\tasklost.exe'
- '%PROGRAM_FILES% (x86)\Internet Explorer\pt-BR\iedv\common\config\tasklost.exe' (загружен из сети Интернет)
- %PROGRAM_FILES% (x86)\Internet Explorer\pt-BR\iedv\common\config\winilog.exe
- %PROGRAM_FILES% (x86)\Internet Explorer\pt-BR\iedv\common\config\ionic.zip.dll
- %PROGRAM_FILES% (x86)\Internet Explorer\pt-BR\iedv\common\config\tasklost.exe
- 'sm##.live.com':587
- 'fi###.####k-cipher.webnode.com.br':80
- 'wp#d':80
- fi###.####k-cipher.webnode.com.br/200000024-4c3d64d377/ionic.zip.dll.mp3
- fi###.####k-cipher.webnode.com.br/200000028-d94a3db3e4/winilog.exe.mp3
- wp#d/wpad.dat
- fi###.####k-cipher.webnode.com.br/200000027-23a7224a11/tasklost.exe.mp3
- DNS ASK sm##.live.com
- DNS ASK fi###.####k-cipher.webnode.com.br
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: '(null)'