Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'simpol' = '%WINDIR%\simpol.exe'
- %WINDIR%\explor.exe
- %WINDIR%\simpol.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\1j5M0Pk[1]
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\informatica[1]
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\Informatica[1]
- 'localhost':1036
- 'bi#.ly':80
- 'am####anas.com.br':80
- 'ca####ahia.com.br':80
- http://bi#.ly/1j5M0Pk
- http://www.am####anas.com.br/loja/228190/informatica via am####anas.com.br
- http://www.ca####ahia.com.br/dep/Informatica?Fi######## via ca####ahia.com.br
- DNS ASK bi#.ly
- DNS ASK www.am####anas.com.br
- DNS ASK www.ca####ahia.com.br
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%WINDIR%\explor.exe'
- '%WINDIR%\simpol.exe'