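Technical Information
Note: the lists below carry no sub-headings in this copy, so the page does not say which file operation each path list records (several .ico paths appear in both lists) or which kind of network activity each of the last three entries represents.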
- %PROGRAM_FILES%\FireFox\firefox.exe.ico
- %PROGRAM_FILES%\FireFox\RCX6.tmp
- %PROGRAM_FILES%\FireFox\crashreporter.exe.ico
- %PROGRAM_FILES%\FireFox\RCX5.tmp
- %PROGRAM_FILES%\FireFox\uninstall\helper.exe.ico
- %PROGRAM_FILES%\FireFox\uninstall\RCX8.tmp
- %PROGRAM_FILES%\FireFox\updater.exe.ico
- %PROGRAM_FILES%\FireFox\RCX7.tmp
- C:\Far2\Far.exe.ico
- C:\Far2\RCX2.tmp
- <Full path to virus>.ico
- <Current directory>\RCX1.tmp
- %CommonProgramFiles%\Microsoft Shared\MSInfo\msinfo32.exe.ico
- %CommonProgramFiles%\Microsoft Shared\MSInfo\RCX4.tmp
- %CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE.ico
- %CommonProgramFiles%\Microsoft Shared\DW\RCX3.tmp
- %PROGRAM_FILES%\FireFox\crashreporter.exe.ico
- %PROGRAM_FILES%\FireFox\firefox.exe.ico
- %PROGRAM_FILES%\FireFox\updater.exe.ico
- %CommonProgramFiles%\Microsoft Shared\MSInfo\msinfo32.exe.ico
- <Full path to virus>.ico
- C:\Far2\Far.exe.ico
- %CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE.ico
- 'sm##.163.com':25 (port 25 is the standard SMTP port)
- DNS ASK sm##.163.com (DNS query for this host name)
- '<Private IP address>':1036