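Technical Information
The list below mixes several kinds of indicator without headings: registry autorun values (the first four entries), paths of files named HELP_YOUR_FILES.TXT plus one executable under %APPDATA%, network endpoints, and window class names. Some path components (the S-1-5-21-… user SID, the Firefox profile name cwdgt0y8.default, and C:\Far2) appear to be specific to the machine on which the sample was observed, so match on the file name and its relative location rather than on the full path.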
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdobeFlashPlayers' = '"%APPDATA%\AdobeFlashPlayer_88e6680f8b982aa3.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '*AdobeFlashPlayers' = '"%APPDATA%\AdobeFlashPlayer_88e6680f8b982aa3.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Adobe Reader Update' = '"<Full path to virus>"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '*Adobe Reader Update' = '"<Full path to virus>"'
  (Each value appears under both Run and RunOnce. A RunOnce value name prefixed with '*' is also processed when Windows starts in Safe Mode, so both keys need to be checked during cleanup.)
- %HOMEPATH%\Start Menu\Programs\Startup\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\HELP_YOUR_FILES.TXT
- <Drive name for removable media>:\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Internet Explorer\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Credentials\S-1-5-21-2052111302-484763869-725345543-1003\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\SystemCertificates\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\MMC\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- %APPDATA%\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\HELP_YOUR_FILES.TXT
- %APPDATA%\Identities\HELP_YOUR_FILES.TXT
- %APPDATA%\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Credentials\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Address Book\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\SystemCertificates\My\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\Firefox\Profiles\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\Firefox\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Cookies\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\chrome\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\bookmarkbackups\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\SystemCertificates\My\CTLs\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\SystemCertificates\My\CRLs\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\SystemCertificates\My\Certificates\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\Extensions\HELP_YOUR_FILES.TXT
- %APPDATA%\Mozilla\HELP_YOUR_FILES.TXT
- %APPDATA%\Microsoft\Windows\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\CRLs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\Certificates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Credentials\S-1-5-20\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\Credentials\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\CTLs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\History\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\HELP_YOUR_FILES.TXT
- %HOMEPATH%\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Temp\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Application Data\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Cookies\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Credentials\S-1-5-20\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Credentials\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- %HOMEPATH%\NetHood\HELP_YOUR_FILES.TXT
- %HOMEPATH%\My Documents\My Received Files\HELP_YOUR_FILES.TXT
- %HOMEPATH%\My Documents\My Pictures\HELP_YOUR_FILES.TXT
- %HOMEPATH%\SendTo\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Recent\HELP_YOUR_FILES.TXT
- %HOMEPATH%\PrintHood\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Local Settings\Temporary Internet Files\HELP_YOUR_FILES.TXT
- %TEMP%\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Local Settings\History\History.IE5\MSHist012011111020111111\HELP_YOUR_FILES.TXT
- %HOMEPATH%\My Documents\My Music\HELP_YOUR_FILES.TXT
- %HOMEPATH%\My Documents\Downloads\HELP_YOUR_FILES.TXT
- %HOMEPATH%\My Documents\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Start Menu\HELP_YOUR_FILES.TXT
- C:\Far2\Addons\Colors\Custom Highlighting\HELP_YOUR_FILES.TXT
- C:\Far2\Addons\Colors\HELP_YOUR_FILES.TXT
- C:\Far2\Addons\HELP_YOUR_FILES.TXT
- C:\Far2\Addons\SetUp\HELP_YOUR_FILES.TXT
- C:\Far2\Addons\Macros\HELP_YOUR_FILES.TXT
- C:\Far2\Addons\Colors\Default Highlighting\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Start Menu\Programs\Accessories\Accessibility\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Start Menu\Programs\Accessories\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Start Menu\Programs\HELP_YOUR_FILES.TXT
- C:\Far2\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Templates\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Start Menu\Programs\Accessories\Entertainment\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\Microsoft\Outlook Express\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\Microsoft\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\Credentials\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\CD Burning\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Favorites\Links\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Favorites\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Desktop\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Identities\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Local Settings\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\Credentials\S-1-5-21-2052111302-484763869-725345543-1003\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Mozilla\Firefox\Profiles\cwdgt0y8.default\startupCache\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Mozilla\Firefox\Profiles\cwdgt0y8.default\Cache\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Mozilla\Firefox\Profiles\cwdgt0y8.default\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Local Settings\History\History.IE5\HELP_YOUR_FILES.TXT
- %HOMEPATH%\Local Settings\History\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\VMware\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\Windows Media\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\Windows\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Mozilla\Firefox\Profiles\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Mozilla\Firefox\HELP_YOUR_FILES.TXT
- <LS_APPDATA>\Mozilla\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Favorites\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\DRM\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Videos\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Accessories\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Music\Sample Playlists\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Music\Sample Music\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Music\My Playlists\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Pictures\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Music\Sample Playlists\0338E140\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Accessories\Accessibility\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Accessories\System Tools\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Accessories\Entertainment\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Accessories\Communications\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Templates\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Games\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Start Menu\Programs\Administrative Tools\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\DSS\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\RSA\MachineKeys\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\RSA\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\DSS\MachineKeys\HELP_YOUR_FILES.TXT
- <Current directory>\HELP_YOUR_FILES.TXT
- C:\HELP_YOUR_FILES.TXT
- %APPDATA%\AdobeFlashPlayer_88e6680f8b982aa3.exe
- %ALLUSERSPROFILE%\Application Data\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Crypto\RSA\S-1-5-18\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Network\Connections\Pbk\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Network\Connections\Cm\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\My Music\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Documents\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Desktop\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Media Index\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Dr Watson\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Network\Connections\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Network\HELP_YOUR_FILES.TXT
- %ALLUSERSPROFILE%\Application Data\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\Internet Explorer\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\Credentials\S-1-5-19\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\Credentials\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Templates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Start Menu\Programs\Startup\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\Certificates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Credentials\S-1-5-19\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Credentials\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Temp\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\History\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Cookies\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\CTLs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\CRLs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\LocalService\Local Settings\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Favorites\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows Media\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Media Player\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\CRLs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\Certificates\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Desktop\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Cookies\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\CTLs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\History\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Start Menu\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\SendTo\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Recent\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Start Menu\Programs\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\Temp\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\Local Settings\History\History.IE5\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\PrintHood\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\NetHood\HELP_YOUR_FILES.TXT
- C:\Documents and Settings\Default User\My Documents\HELP_YOUR_FILES.TXT
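- '93.##0.168.60':80 (IP address partially masked with '##' in this report)
- '74.##5.232.51':80 (IP address partially masked with '##' in this report)
- http://93.##0.168.60/n/mgpx.php
- DNS query: google.com (a widely used benign domain; not an indicator on its own)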
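- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the standard Windows taskbar window class and exists on any Windows desktop, so it is not distinctive on its own)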
- ClassName: 'Indicator' WindowName: ''