Техническая информация
- <SYSTEM32>\borlndmm.dll
- <SYSTEM32>\ExtExport.exe
- <SYSTEM32>\borlndmm.com
- <SYSTEM32>\Winlogoms.exe
- <SYSTEM32>\borlndmm.com (загружен из сети Интернет)
- <SYSTEM32>\Winlogoms.exe (загружен из сети Интернет)
- <SYSTEM32>\ExtExport.exe (загружен из сети Интернет)
- %WINDIR%\explorer.exe
- <SYSTEM32>\expressos.cfg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\expressos[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\borlndmm[1]
- <SYSTEM32>\borlndmm.com
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\auto[1]
- <SYSTEM32>\ExtExport.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mataAVs[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\logins[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\avthekiller[1]
- <SYSTEM32>\Winlogoms.exe
- 'vi#######as.acreunagoias.com.br':80
- 'localhost':1035
- vi#######as.acreunagoias.com.br/images/expressos
- vi#######as.acreunagoias.com.br/images/borlndmm
- vi#######as.acreunagoias.com.br/images/auto
- vi#######as.acreunagoias.com.br/images/mataAVs
- vi#######as.acreunagoias.com.br/images/logins.gif
- vi#######as.acreunagoias.com.br/images/avthekiller
- DNS ASK vi#######as.acreunagoias.com.br
- ClassName: '' WindowName: 'GINA Logon'
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''