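Technical Information

Note: the subsection headings of the original report are missing from this extract, so the list alone does not say whether a given entry was created, modified, executed, injected into, deleted or searched for. Paths that appear twice presumably belonged to different subsections. The entries fall into three visible groups: file-system paths and process names, network endpoints and DNS queries (the `#` characters appear to mask part of the host name or address, so these values are not complete indicators as written), and window class names. Many file names under `%ALLUSERSPROFILE%\cbank\` match those of well-known security products, browsers and messaging clients, so match on the full path rather than on the file name alone.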
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\hitNzo20gkQ.exe
- '<SYSTEM32>\svchost.exe' netsvcs
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\svchost.exe
- %WINDIR%\Explorer.EXE
- cbmain.ex
- %ALLUSERSPROFILE%\cbank\loadmain\loadmain.exe
- %ALLUSERSPROFILE%\cbank\lin\lin.bin
- %ALLUSERSPROFILE%\cbank\magent\magent.exe
- %ALLUSERSPROFILE%\cbank\lotroclient\lotroclient.exe
- %ALLUSERSPROFILE%\cbank\l2\l2.bin
- %ALLUSERSPROFILE%\cbank\javaw\javaw.exe
- %ALLUSERSPROFILE%\cbank\java\java.exe
- %ALLUSERSPROFILE%\cbank\kb_cli\kb_cli.exe
- %ALLUSERSPROFILE%\cbank\kb_cli\kb_cli.ex
- %ALLUSERSPROFILE%\cbank\msnmsgr\msnmsgr.exe
- %ALLUSERSPROFILE%\cbank\msn6\msn6.exe
- %ALLUSERSPROFILE%\cbank\netxray\netxray.exe
- %ALLUSERSPROFILE%\cbank\navapw32\NAVAPW32.EXE
- %ALLUSERSPROFILE%\cbank\mpftray\mpftray.exe
- %ALLUSERSPROFILE%\cbank\mcagent\MCAGENT.EXE
- %ALLUSERSPROFILE%\cbank\maplestory\maplestory.exe
- %ALLUSERSPROFILE%\cbank\miranda32\miranda32.exe
- %ALLUSERSPROFILE%\cbank\mir3game\Mir3Game.exe
- %ALLUSERSPROFILE%\cbank\googletalk\googletalk.exe
- %ALLUSERSPROFILE%\cbank\ge\ge.exe
- %ALLUSERSPROFILE%\cbank\gvonline\GVOnline.bin
- %ALLUSERSPROFILE%\cbank\guard\GUARD.EXE
- %ALLUSERSPROFILE%\cbank\gc\gc.exe
- %ALLUSERSPROFILE%\cbank\fsav32\fsav32.exe
- %ALLUSERSPROFILE%\cbank\fsav\fsav.exe
- %ALLUSERSPROFILE%\cbank\fsavgui\fsavgui.exe
- %ALLUSERSPROFILE%\cbank\fsavaui\fsavaui.exe
- %ALLUSERSPROFILE%\cbank\intpro\intpro.exe
- %ALLUSERSPROFILE%\cbank\inphasenxd\InphaseNXD.exe
- %ALLUSERSPROFILE%\cbank\isclient\ISClient.exe
- %ALLUSERSPROFILE%\cbank\iscc\iscc.exe
- %ALLUSERSPROFILE%\cbank\inbank-start-ff\inbank-start-ff.exe
- %ALLUSERSPROFILE%\cbank\httplook\httplook.exe
- %ALLUSERSPROFILE%\cbank\gw\gw.exe
- %ALLUSERSPROFILE%\cbank\iexplore\iexplore.exe
- %ALLUSERSPROFILE%\cbank\icq\ICQ.exe
- %ALLUSERSPROFILE%\cbank\nod\nod.exe
- %ALLUSERSPROFILE%\cbank\webmoney\webmoney.exe
- %ALLUSERSPROFILE%\cbank\wclnt\wclnt.exe
- %ALLUSERSPROFILE%\cbank\woool\woool.exe
- %ALLUSERSPROFILE%\cbank\winbaram\winbaram.exe
- %ALLUSERSPROFILE%\cbank\unistream\UniStream.exe
- %ALLUSERSPROFILE%\cbank\translink\translink.exe
- %ALLUSERSPROFILE%\cbank\tiny\tiny.exe
- %ALLUSERSPROFILE%\cbank\twelvesky2\TwelveSky2.exe
- %ALLUSERSPROFILE%\cbank\trillian\trillian.exe
- %ALLUSERSPROFILE%\cbank\zonealarm\ZONEALARM.EXE
- %ALLUSERSPROFILE%\cbank\zlclient\zlclient.exe
- %ALLUSERSPROFILE%\cbank\__cd75efb816b2cc__\__cd75efb816b2cc__.exe
- %ALLUSERSPROFILE%\cbank\zz__cd75efb816b2cc__\ZZ__cd75efb816b2cc__.exe
- %ALLUSERSPROFILE%\cbank\zapro\zapro.exe
- %ALLUSERSPROFILE%\cbank\wsm\wsm.exe
- %ALLUSERSPROFILE%\cbank\wow\wow.exe
- %ALLUSERSPROFILE%\cbank\ybclient\ybclient.exe
- %ALLUSERSPROFILE%\cbank\yahoomessenger\YahooMessenger.exe
- %ALLUSERSPROFILE%\cbank\putty\putty.exe
- %ALLUSERSPROFILE%\cbank\pidgin\pidgin.exe
- %ALLUSERSPROFILE%\cbank\ragfree\RagFree.exe
- %ALLUSERSPROFILE%\cbank\qip\qip.exe
- %ALLUSERSPROFILE%\cbank\outpost\outpost.exe
- %ALLUSERSPROFILE%\cbank\ntvdm\ntvdm.exe
- %ALLUSERSPROFILE%\cbank\nod32\nod32.exe
- %ALLUSERSPROFILE%\cbank\opera\opera.exe
- %ALLUSERSPROFILE%\cbank\oncbcli\oncbcli.exe
- %ALLUSERSPROFILE%\cbank\spidernt\spidernt.exe
- %ALLUSERSPROFILE%\cbank\so3d\so3d.exe
- %ALLUSERSPROFILE%\cbank\startclient7\startclient7.exe
- %ALLUSERSPROFILE%\cbank\sro_client\sro_client.exe
- %ALLUSERSPROFILE%\cbank\smc\smc.exe
- %ALLUSERSPROFILE%\cbank\safari\safari.exe
- %ALLUSERSPROFILE%\cbank\rclient\rclient.exe
- %ALLUSERSPROFILE%\cbank\skype\skype.exe
- %ALLUSERSPROFILE%\cbank\sgbclient\sgbclient.exe
- %TEMP%\15.tmp
- %ALLUSERSPROFILE%\cbank\ageofconan\ageofconan.exe
- %ALLUSERSPROFILE%\cbank\ash\ash.exe
- %ALLUSERSPROFILE%\cbank\aion\aion.exe
- %TEMP%\14.tmp
- %TEMP%\12.tmp
- %TEMP%\11.tmp
- %TEMP%\13.tmp
- %ALLUSERSPROFILE%\cbank\360tray\360tray.exe
- %ALLUSERSPROFILE%\cbank\avp\AVP.EXE
- %ALLUSERSPROFILE%\cbank\avp\AVP.COM
- %ALLUSERSPROFILE%\cbank\avpcc\AVPCC.EXE
- %ALLUSERSPROFILE%\cbank\avp32\AVP32.EXE
- %ALLUSERSPROFILE%\cbank\avgctrl\AVGCTRL.EXE
- %ALLUSERSPROFILE%\cbank\ashavsrv\ashAvSrv.exe
- %ALLUSERSPROFILE%\cbank\ashavast\ashAvast.exe
- %ALLUSERSPROFILE%\cbank\avgcc32\AVGCC32.EXE
- %ALLUSERSPROFILE%\cbank\avgcc\avgcc.exe
- %TEMP%\7.tmp
- %TEMP%\6.tmp
- %TEMP%\9.tmp
- %TEMP%\8.tmp
- %TEMP%\5.tmp
- %TEMP%\2.tmp
- %TEMP%\1.tmp
- %TEMP%\4.tmp
- %TEMP%\3.tmp
- %ALLUSERSPROFILE%\Application Data\4EUDycE7Fz0\mnhslst32.dat
- %TEMP%\F.tmp
- %TEMP%\10.tmp
- %ALLUSERSPROFILE%\Application Data\4EUDycE7Fz0\jbE9cSHrBig.dat
- %TEMP%\E.tmp
- %TEMP%\B.tmp
- %TEMP%\A.tmp
- %TEMP%\D.tmp
- %TEMP%\C.tmp
- %ALLUSERSPROFILE%\cbank\avpm\AVPM.EXE
- %ALLUSERSPROFILE%\cbank\drweb\drweb.exe
- %ALLUSERSPROFILE%\cbank\dnf\dnf.exe
- %ALLUSERSPROFILE%\cbank\drweb386\drweb386.exe
- %ALLUSERSPROFILE%\cbank\drweb32w\Drweb32w.exe
- %ALLUSERSPROFILE%\cbank\dekaron\dekaron.exe
- %ALLUSERSPROFILE%\cbank\clmain\clmain.exe
- %ALLUSERSPROFILE%\cbank\client7\client7.exe
- %ALLUSERSPROFILE%\cbank\contactng\contactNG.exe
- %ALLUSERSPROFILE%\cbank\clntw32\clntw32.exe
- %ALLUSERSPROFILE%\cbank\elementclient\elementclient.exe
- %ALLUSERSPROFILE%\cbank\elbank\elbank.exe
- %ALLUSERSPROFILE%\cbank\firefox\firefox.exe
- %ALLUSERSPROFILE%\cbank\el_cli\el_cli.ex
- %ALLUSERSPROFILE%\cbank\ekrn\ekrn.exe
- %ALLUSERSPROFILE%\cbank\drwebwcl\Drwebwcl.exe
- %ALLUSERSPROFILE%\cbank\drwebupw\Drwebupw.exe
- %ALLUSERSPROFILE%\cbank\egni\egni.exe
- %ALLUSERSPROFILE%\cbank\ecmd\ecmd.exe
- %ALLUSERSPROFILE%\cbank\bdss\bdss.exe
- %ALLUSERSPROFILE%\cbank\bdagent\bdagent.exe
- %ALLUSERSPROFILE%\cbank\bk\bk.exe
- %ALLUSERSPROFILE%\cbank\bdsubmit\bdsubmit.exe
- %ALLUSERSPROFILE%\cbank\bc_loader\bc_loader.exe
- %ALLUSERSPROFILE%\cbank\bankcl\bankcl.exe
- %ALLUSERSPROFILE%\cbank\avsynmgr\AVSYNMGR.EXE
- %ALLUSERSPROFILE%\cbank\bclient\bclient.exe
- %ALLUSERSPROFILE%\cbank\bbclient\BBClient.exe
- %ALLUSERSPROFILE%\cbank\chrome\chrome.exe
- %ALLUSERSPROFILE%\cbank\ccapp\ccapp.exe
- %ALLUSERSPROFILE%\cbank\clbank\clbank.exe
- %ALLUSERSPROFILE%\cbank\clamwin\ClamWin.exe
- %ALLUSERSPROFILE%\cbank\cbsmain\cbsmain.exe
- %ALLUSERSPROFILE%\cbank\cbank\cbank.exe
- %ALLUSERSPROFILE%\cbank\cabalmain\cabalmain.exe
- %ALLUSERSPROFILE%\cbank\cbmain\cbmain.exe
- %ALLUSERSPROFILE%\cbank\cbmain\cbmain.ex
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\hitNzo20gkQ.exe
- %TEMP%\1.tmp
- 'az.#ika.in':80
- '17#.#62.179.65':700
- 'ru#.zika.in':80
- DNS ASK az.#ika.in
- DNS ASK ru#.zika.in
- ClassName: 'OperaWindowClass' WindowName: '(null)'
- ClassName: 'Chrome_WidgetWin_0' WindowName: '(null)'
- ClassName: 'MozillaWindowClass' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'