Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ems' = '%ALLUSERSPROFILE%\Application Data\ems.exe'
- '%ALLUSERSPROFILE%\Application Data\dura.exe'
- '%ALLUSERSPROFILE%\Application Data\ems.exe'
- ICQ.exe
- %ALLUSERSPROFILE%\Application Data\dura.exe
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx
- %ALLUSERSPROFILE%\Application Data\ems.exe
- %ALLUSERSPROFILE%\Application Data\bszip.dll
- %ALLUSERSPROFILE%\Application Data\dura.exe
- %ALLUSERSPROFILE%\Application Data\bszip.dll
- %ALLUSERSPROFILE%\Application Data\ems.exe
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx в %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
- 'sm##.#ossmail.ru':25
- DNS ASK sm##.#ossmail.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''