Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\iexplorer.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '839idake;lfwe' = '%TEMP%\/839idake;lfwe.exe'
- %TEMP%\taskblock.exe
- <SYSTEM32>\iexplorer.exe
- %TEMP%\runescape2.exe
- %TEMP%\runescape(1).exe
- %TEMP%\839idake;lfwe.exe
- %TEMP%\CRNJEUFU - 1-23-2012-4.30.31-PM.gif
- <SYSTEM32>\iexplorer.exe
- %TEMP%\runescape2.exe
- %TEMP%\runescape(1).exe
- %TEMP%\taskblock.exe
- 'sm##.gmail.com':587
- DNS ASK sm##.gmail.com
- '<Private IP address>':1035
- ClassName: 'Indicator' WindowName: ''