Техническая информация
- %WINDIR%\bart\ctfmon.exe (загружен из сети Интернет)
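- %WINDIR%\bart\steal.exe (загружен из сети Интернет), параметры командной строки: /stext %WINDIR%\bart\pass.txt (судя по параметру /stext, результат работы сохраняется в текстовый файл pass.txt)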
- %WINDIR%\bart\steal.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\WebBrowserPassView1[1].exe
- %WINDIR%\bart\ctfmon.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\novo[1].exe
- <SYSTEM32>\libmySQL50.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\libmySQL50[1].dll
- <SYSTEM32>\libmysql.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\libmysql[1].dll
- 'co####ebrasil.org':80
- 'dl.##opbox.com':80
- 'localhost':1035
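- Адреса загружаемых файлов (имена совпадают с копиями в кэше Temporary Internet Files, перечисленными выше):
- co####ebrasil.org//plugins/system/WebBrowserPassView1.exe
- dl.##opbox.com/u/31328211/novo.exe
- dl.##opbox.com/u/31328211/libmySQL50.dll
- dl.##opbox.com/u/31328211/libmysql.dll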
- DNS ASK co####ebrasil.org
- DNS ASK dl.##opbox.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'TApplication' WindowName: 'Internet Explorer -2'
- ClassName: 'MS_AutodialMonitor' WindowName: ''