Техническая информация
- '%TEMP%\~DFA202.exe' "%APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default"
- '%TEMP%\~DFA7C0.exe' /stext ie.txt
- '%TEMP%\~DF9A9C.exe' /stext ms.txt
- mpftray.exe
- GUARD.EXE
- fsav32.exe
- NAVAPW32.EXE
- ZONEALARM.EXE
- zapro.exe
- ntvdm.exe
- AVGCC32.EXE
- ekrn.exe
- AVP.EXE
- AVGCTRL.EXE
- AVSYNMGR.EXE
- AVPM.EXE
- AVP32.EXE
- [<HKLM>\Software\Mirabilis\ICQ\NewOwners]
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\Google\Google Talk\Accounts]
- [<HKCU>\Software\Mirabilis\ICQ\NewOwners]
- [<HKCU>\Software\Microsoft\IdentityCRL]
- [<HKLM>\Software\Miranda]
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trillian]
- [<HKCU>\Software\Microsoft\MessengerService]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- %TEMP%\plc4.dll
- %TEMP%\aut7.tmp
- %TEMP%\nss3.dll
- %TEMP%\aut6.tmp
- %TEMP%\plds4.dll
- %TEMP%\log.txt
- %TEMP%\nspr4.dll
- %TEMP%\aut8.tmp
- %TEMP%\aut5.tmp
- %TEMP%\aut2.tmp
- %TEMP%\~DFA7C0.exe
- %TEMP%\aut1.tmp
- %TEMP%\~DF9A9C.exe
- %TEMP%\aut4.tmp
- %TEMP%\softokn3.dll
- %TEMP%\aut3.tmp
- %TEMP%\~DFA202.exe
- %TEMP%\aut8.tmp
- %TEMP%\aut7.tmp
- %TEMP%\~DF9A9C.exe
- %TEMP%\~DFA202.exe
- %TEMP%\~DFA7C0.exe
- %TEMP%\aut6.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut5.tmp
- %TEMP%\aut4.tmp
- 'sm##.gmail.com':465
- DNS ASK sm##.gmail.com