Техническая информация
- %APPDATA%\tsserver.exe (загружен из сети Интернет)
- %APPDATA%\ps.exe (загружен из сети Интернет)
- %APPDATA%\pl.exe (загружен из сети Интернет)
- %WINDIR%\explorer.exe http://www.sy#####ecurity.com.br/bradesco.php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\lk[1].txt
- %APPDATA%\ps.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\bradesco[1].php
- %APPDATA%\tsserver.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\ps[1].txt
- %APPDATA%\kWab.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\kWab[1].txt
- %APPDATA%\pl.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\pl[1].txt
- 'localhost':1038
- 'www.sy#####ecurity.com.br':80
- 'localhost':1035
- '20####.xpg.com.br':80
- 20####.xpg.com.br/lk.txt
- www.sy#####ecurity.com.br/bradesco.php
- 20####.xpg.com.br/ps.txt
- 20####.xpg.com.br/kWab.txt
- 20####.xpg.com.br/pl.txt
- DNS ASK www.sy#####ecurity.com.br
- DNS ASK 20####.xpg.com.br
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''