Technical Information
- <SYSTEM32>\trowinowme.exe (downloaded from the Internet)
- <SYSTEM32>\trowinowme.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\trowinowme[1].gif
- 'co########amaster2010.hpg.com.br':80
- 'localhost':1036
- co########amaster2010.hpg.com.br/trowinowme.gif
- DNS ASK co########amaster2010.hpg.com.br