Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ln' = '<Current directory>\ln.exe'
- <SYSTEM32>\net1.exe stop "V3MonNT"
- <SYSTEM32>\net.exe stop "V3MonSvc"
- <SYSTEM32>\net1.exe stop "V3MonSvc"
- <SYSTEM32>\net.exe stop "V3MonNT"
- <SYSTEM32>\net1.exe stop "ViRobot Lite Monitoring"
- <SYSTEM32>\net.exe stop "Quick Heal Online Protection"
- <SYSTEM32>\net1.exe stop "Quick Heal Online Protection"
- <SYSTEM32>\net.exe stop "Security Center"
- <SYSTEM32>\net1.exe stop "Windows Internet Connection Sharing(ICS)"
- <SYSTEM32>\net.exe stop "NAV Alert"
- <SYSTEM32>\net1.exe stop "NAV Alert"
- <SYSTEM32>\net.exe stop "Windows Internet Connection Sharing(ICS)"
- <SYSTEM32>\net1.exe stop "Security Center"
- <SYSTEM32>\net.exe stop "Windows Firewall"
- <SYSTEM32>\net1.exe stop "Windows Firewall"
- <SYSTEM32>\net.exe stop "Sophos Anti-Virus Network"
- <SYSTEM32>\net1.exe stop "Sophos Anti-Virus Network"
- <SYSTEM32>\net.exe stop "eTrust Antivirus Job Server"
- <SYSTEM32>\net1.exe stop "Sophos Anti-Virus"
- <SYSTEM32>\net.exe stop "Sygate Personal Firewall"
- <SYSTEM32>\net1.exe stop "Sygate Personal Firewall"
- <SYSTEM32>\net.exe stop "Sophos Anti-Virus"
- <SYSTEM32>\net1.exe stop "eTrust Antivirus Job Server"
- <SYSTEM32>\net.exe stop "ViRobot Expert Monitoring"
- <SYSTEM32>\net1.exe stop "ViRobot Expert Monitoring"
- <SYSTEM32>\net.exe stop "ViRobot Lite Monitoring"
- <SYSTEM32>\net1.exe stop "eTrust Antivirus RPC Server"
- <SYSTEM32>\net.exe stop "eTrust Antivirus Realtime Server"
- <SYSTEM32>\net1.exe stop "eTrust Antivirus Realtime Server"
- <SYSTEM32>\net.exe stop "eTrust Antivirus RPC Server"
- <SYSTEM32>\net1.exe stop "InVircible Scheduler"
- <SYSTEM32>\net.exe stop "kavsvc"
- <SYSTEM32>\net1.exe stop "kavsvc"
- <SYSTEM32>\net.exe stop "InVircible Scheduler"
- <SYSTEM32>\net1.exe stop "AVG7 Alert Manager Server"
- <SYSTEM32>\net.exe stop "AVG7 Update Service"
- <SYSTEM32>\net1.exe stop "AVG7 Update Service"
- <SYSTEM32>\net.exe stop "avast! Antivirus"
- <SYSTEM32>\net1.exe stop "Trend ServerProtect Agent"
- <SYSTEM32>\net.exe stop "Trend ServerProtect "
- <SYSTEM32>\net1.exe stop "Trend ServerProtect "
- <SYSTEM32>\net.exe stop "Trend ServerProtect Agent"
- <SYSTEM32>\net1.exe stop "avast! Antivirus"
- <SYSTEM32>\net.exe stop "avast! iAVS4 Control Service"
- <SYSTEM32>\net1.exe stop "avast! iAVS4 Control Service"
- <SYSTEM32>\net.exe stop "DefWatch"
- <SYSTEM32>\net1.exe stop "DefWatch"
- <SYSTEM32>\net.exe stop "Background Intelligent Transfer Service"
- <SYSTEM32>\net1.exe stop "ScriptBlocking Service"
- <SYSTEM32>\net.exe stop "NAV Auto-Protect"
- <SYSTEM32>\net1.exe stop "NAV Auto-Protect"
- <SYSTEM32>\net.exe stop "ScriptBlocking Service"
- <SYSTEM32>\net1.exe stop "Background Intelligent Transfer Service"
- <SYSTEM32>\net.exe stop "AVSync Manager"
- <SYSTEM32>\net1.exe stop "AVSync Manager"
- <SYSTEM32>\net.exe stop "AVG7 Alert Manager Server"
- <SYSTEM32>\net1.exe stop "BlackICE"
- <SYSTEM32>\net.exe stop "System Event Notification"
- <SYSTEM32>\net1.exe stop "System Event Notification"
- <SYSTEM32>\net.exe stop "BlackICE"
- <SYSTEM32>\net1.exe stop "Sygate Personal Firewall Pro"
- <SYSTEM32>\net.exe stop "Detector de OfficeScanNT"
- <SYSTEM32>\net1.exe stop "Detector de OfficeScanNT"
- <SYSTEM32>\net.exe stop "Symantec Proxy Service"
- <SYSTEM32>\net1.exe stop "ZoneAlarm"
- <SYSTEM32>\net.exe stop "Panda Antivirus"
- <SYSTEM32>\net1.exe stop "Panda Antivirus"
- <SYSTEM32>\net.exe stop "ZoneAlarm"
- <SYSTEM32>\net1.exe stop "Symantec Proxy Service"
- <SYSTEM32>\net.exe stop "Norton Internet Security Proxy Srvice"
- <SYSTEM32>\net1.exe stop "Norton Internet Security Proxy Srvice"
- <SYSTEM32>\net.exe stop "Norton Internet Security service"
- <SYSTEM32>\net1.exe stop "Norton Internet Security Accounts Manager"
- <SYSTEM32>\net.exe stop "Symantec Event Manager"
- <SYSTEM32>\net1.exe stop "Symantec Event Manager"
- <SYSTEM32>\net.exe stop "Norton Internet Security Accounts Manager"
- <SYSTEM32>\net1.exe stop "MonSvcNT"
- <SYSTEM32>\net.exe stop "rising process communication center"
- <SYSTEM32>\net1.exe stop "rising process communication center"
- <SYSTEM32>\net.exe stop "MonSvcNT"
- <SYSTEM32>\cmd.exe /c <Current directory>\a.bat
- <SYSTEM32>\net.exe stop "Turbo Vaccine Monitoring Service"
- <SYSTEM32>\net1.exe stop "Turbo Vaccine Monitoring Service"
- <SYSTEM32>\net.exe stop "rising realtime monitor service"
- <SYSTEM32>\net1.exe stop "RemoteAgent"
- <SYSTEM32>\net.exe stop "Ahnlab Task Scheduler"
- <SYSTEM32>\net1.exe stop "Ahnlab Task Scheduler"
- <SYSTEM32>\net.exe stop "RemoteAgent"
- <SYSTEM32>\net1.exe stop "rising realtime monitor service"
- <SYSTEM32>\net.exe stop "OfficeScanNT Monitor"
- <SYSTEM32>\net1.exe stop "OfficeScanNT Monitor"
- <SYSTEM32>\net.exe stop "McAfee.com VirusScan Online Realtime Engine"
- <SYSTEM32>\net1.exe stop "McAfee.com VirusScan Online Realtime Engine"
- <SYSTEM32>\net.exe stop "McAfee Agent"
- <SYSTEM32>\net1.exe stop "McAfee.com McShield"
- <SYSTEM32>\net.exe stop "Trend NT Realtime Service"
- <SYSTEM32>\net1.exe stop "Trend NT Realtime Service"
- <SYSTEM32>\net.exe stop "McAfee.com McShield"
- <SYSTEM32>\net1.exe stop "McAfee Agent"
- <SYSTEM32>\net.exe stop "SyGateService"
- <SYSTEM32>\net1.exe stop "SyGateService"
- <SYSTEM32>\net.exe stop "Sygate Personal Firewall Pro"
- <SYSTEM32>\net1.exe stop "McShield"
- <SYSTEM32>\net.exe stop " McAfee SecurityCenter Update Manager "
- <SYSTEM32>\net1.exe stop " McAfee SecurityCenter Update Manager "
- <SYSTEM32>\net.exe stop "McShield"
- <SYSTEM32>\net1.exe stop "Norton AntiVirus Auto Protect Service"
- <SYSTEM32>\net.exe stop "Norton AntiVirus Client"
- <SYSTEM32>\net1.exe stop "Norton AntiVirus Client"
- <SYSTEM32>\net.exe stop "Norton AntiVirus Auto Protect Service"
- <SYSTEM32>\net1.exe stop "Norton Internet Security service"
- <SYSTEM32>\net.exe stop "Norton AntiVirus Server"
- <SYSTEM32>\net1.exe stop "Norton AntiVirus Server"
- <SYSTEM32>\net.exe stop "Norton AntiVirus Corporate Edition"
- <SYSTEM32>\net1.exe stop "PC-cillin Personal Firewall"
- <SYSTEM32>\net.exe stop "Trend Micro Proxy Service"
- <SYSTEM32>\net1.exe stop "Trend Micro Proxy Service"
- <SYSTEM32>\net.exe stop "PC-cillin Personal Firewall"
- <SYSTEM32>\net1.exe stop "Norton AntiVirus Corporate Edition"
- <SYSTEM32>\net.exe stop "ViRobot Professional Monitoring"
- <SYSTEM32>\net1.exe stop "ViRobot Professional Monitoring"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\union.ju4t[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\union.ju4t[1]
- <Current directory>\a.bat
- 'localhost':1038
- 'un###.ju4t.com':80
- 'localhost':1035
- un###.ju4t.com/
- DNS ASK un###.ju4t.com
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''