Technical Information
- [<HKCU>\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- [<HKCU>\Identities\{91255D00-95D9-49F5-8E84-7C027F5283B7}\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Identities\{91255D00-95D9-49F5-8E84-7C027F5283B7}\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\Microsoft\IdentityCRL]
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- %TEMP%\mailpv.exe
- %TEMP%\iepv.exe
- %TEMP%\passwordfox.exe
- %TEMP%\firefox.txt
- '%TEMP%\mailpv.exe' /stext %TEMP%\mailpv.txt
- '%TEMP%\iepv.exe' /stext %TEMP%\iepv.txt
- '%TEMP%\passwordfox.exe' /stext %TEMP%\firefox.txt
- '%TEMP%\mailpv.exe' /stext %TEMP%\mailpv.txt' (with hidden window)
- '%TEMP%\iepv.exe' /stext %TEMP%\iepv.txt' (with hidden window)
- '%TEMP%\passwordfox.exe' /stext %TEMP%\firefox.txt' (with hidden window)