Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'BTStacPgn' = '%HOMEPATH%\BTStacPgn.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VWGlVrmNB' = '%HOMEPATH%\VWGlVrmNB.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SmgWnCE' = '%HOMEPATH%\SmgWnCE.exe'
- '%HOMEPATH%\BTStacPgn.exe'
- '%HOMEPATH%\VWGlVrmNB.exe'
- '%HOMEPATH%\SmgWnCE.exe'
- '%HOMEPATH%\UFStartIfo.exe'
- '%HOMEPATH%\BTStacPgn.exe' (загружен из сети Интернет)
- '%HOMEPATH%\VWGlVrmNB.exe' (загружен из сети Интернет)
- '%HOMEPATH%\UFStartIfo.exe' (загружен из сети Интернет)
- '%HOMEPATH%\SmgWnCE.exe' (загружен из сети Интернет)
- %HOMEPATH%\VWGlVrmNB.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\bandamagnificos[1].mp3
- %HOMEPATH%\BTStacPgn.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\mastruzcomleite[1].mp3
- %HOMEPATH%\UFStartIfo.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\julionascimento[1].mp3
- %HOMEPATH%\SmgWnCE.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\avioesdoforro[1].mp3
- 'tr####noalegria.com':80
- 'localhost':1036
- tr####noalegria.com/musicanova/bandamagnificos.mp3
- tr####noalegria.com/musicanova/mastruzcomleite.mp3
- tr####noalegria.com/musicanova/julionascimento.mp3
- tr####noalegria.com/musicanova/avioesdoforro.mp3
- DNS ASK tr####noalegria.com
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''