Техническая информация
- %TEMP%\ckz_G0HJ\6.exe /stext C:/6.txt
- %TEMP%\ckz_G0HJ\5.exe /stext C:/5.txt
- %TEMP%\ckz_G0HJ\7.exe /stext C:/7.txt
- %TEMP%\ckz_G0HJ\9.exe /stext C:/9.txt
- %TEMP%\ckz_G0HJ\8.exe /stext C:/8.txt
- %TEMP%\ckz_G0HJ\1.exe /stext C:/1.txt
- %TEMP%\ckz_G0HJ\run.exe
- %TEMP%\ckz_G0HJ\2.exe /stext C:/2.txt
- %TEMP%\ckz_G0HJ\4.exe /stext C:/4.txt
- %TEMP%\ckz_G0HJ\3.exe /stext C:/3.txt
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\AIM\AIMPRO]
- [<HKCU>\Software\America Online\AIM6\Passwords]
- [<HKLM>\Software\Mirabilis\ICQ\NewOwners]
- [<HKCU>\Software\Paltalk]
- [<HKCU>\Software\Google\Google Talk\Accounts]
- [<HKCU>\Software\Mirabilis\ICQ\NewOwners]
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trillian]
- [<HKLM>\SOFTWARE\ORL\WinVNC3]
- [<HKCU>\SOFTWARE\ORL\WinVNC3]
- [<HKLM>\Software\Miranda]
- [<HKCU>\Software\Microsoft\IdentityCRL]
- [<HKCU>\Software\Microsoft\MessengerService]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- %TEMP%\mrt1.tmp\kclist.mfx
- %TEMP%\mrt1.tmp\Kcftp.mfx
- %TEMP%\mrt1.tmp\KcSyso.mfx
- %TEMP%\mrt1.tmp\mmfs2.dll
- %TEMP%\mrt1.tmp\kcfile.mfx
- C:\9.txt
- C:\List.txt
- C:\8.txt
- C:\3.txt
- C:\1.txt
- %TEMP%\ckz_G0HJ\4.exe
- %TEMP%\ckz_G0HJ\3.exe
- %TEMP%\ckz_G0HJ\2.exe
- %TEMP%\ckz_G0HJ\1.exe
- %TEMP%\ckz_G0HJ\run.exe
- %TEMP%\ckz_G0HJ\8.exe
- %TEMP%\ckz_G0HJ\9.exe
- %TEMP%\ckz_G0HJ\7.exe
- %TEMP%\ckz_G0HJ\5.exe
- %TEMP%\ckz_G0HJ\6.exe
- C:\8.txt
- C:\9.txt
- C:\1.txt
- C:\3.txt
- 'ft####a.zapto.org':21
- DNS ASK ft####a.zapto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''