Техническая информация
- <SYSTEM32>\windnews.exe
- <SYSTEM32>\loag1.exe
- <SYSTEM32>\windnews22.exe
- <SYSTEM32>\pluguin1.exe
- <SYSTEM32>\rede1.exe
- <SYSTEM32>\loag1.exe (загружен из сети Интернет)
- <SYSTEM32>\pluguin1.exe (загружен из сети Интернет)
- <SYSTEM32>\windnews.exe (загружен из сети Интернет)
- <SYSTEM32>\rede1.exe (загружен из сети Интернет)
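Классы окон ниже принадлежат инструментам анализа (DeDe, IDA, API Monitor, Regmon, Filemon); по-видимому, образец проверяет их наличие в системе:
- ClassName: 'TDeDeMainForm' WindowName: ''
- ClassName: 'TIdaWindow' WindowName: ''
- ClassName: 'APIMonitor By Rohitab' WindowName: ''
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''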
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\loag1[1].rm
- <SYSTEM32>\windnews.exe
- <SYSTEM32>\loag1.exe
- <SYSTEM32>\windnews22.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\windnews22[1].rm
- <SYSTEM32>\rede1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\rede122[1].rm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\pluguin22[1].rm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\windnews[1].rm
- <SYSTEM32>\pluguin1.exe
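Сетевые индикаторы: узел и порт подключения, адреса запрашиваемых файлов и DNS-запрос (часть доменного имени скрыта символами #). Файлы запрашиваются с расширением .rm, тогда как в <SYSTEM32> перечислены .exe-файлы, помеченные как загруженные из сети Интернет; это несоответствие расширений стоит учитывать при детектировании:
- 'www.co####tur.neru9.com':80
- www.co####tur.neru9.com/ro/loag1.rm
- www.co####tur.neru9.com/ro/windnews22.rm
- www.co####tur.neru9.com/ro/windnews.rm
- www.co####tur.neru9.com/ro/rede122.rm
- www.co####tur.neru9.com/ro/pluguin22.rm
- DNS ASK www.co####tur.neru9.com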
- '<IP-адрес в локальной сети>':1035
- ClassName: 'SuckMe&Class' WindowName: ''