Техническая информация
- <SYSTEM32>\BTStacFrr.exe (загружен из сети Интернет)
- <SYSTEM32>\BTStacLrj.exe (загружен из сети Интернет)
- <SYSTEM32>\config\sysmetreopas.exe
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shell32.dll,OpenAs_RunDLL <SYSTEM32>\config\sysmetreopas.pps
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\config\sysmetreopas.bat" "
- <SYSTEM32>\BTStacLrj.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ppsoeaslrj[1].mp3
- <SYSTEM32>\BTStacFrr.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\ppsoeasfrr[1].mp3
- <SYSTEM32>\BTStacFwd.dll
- <SYSTEM32>\config\sysmetreopas.bat
- <SYSTEM32>\config\sysmetreopas.pps
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ppsoeasdll[1].mp3
- <SYSTEM32>\config\sysmetreopas.exe
- 'em#####adeiralima.com':80
- 'localhost':1034
- em#####adeiralima.com/mod1/ppsoeasfrr.mp3
- em#####adeiralima.com/mod1/ppsoeasmsn.mp3
- em#####adeiralima.com/mod1/ppsoeasdll.mp3
- em#####adeiralima.com/mod1/ppsoeaslrj.mp3
- DNS ASK em#####adeiralima.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''