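Technical Information
Note: the sub-section headings of this report did not survive extraction, so the lists below are unlabelled. In order they contain process command lines, window class/title pairs, file paths, network endpoints and a second set of window class/title pairs. `<SYSTEM32>` stands for the Windows system directory. The eight-letter executable names appear to be randomly generated, so they are unlikely to recur on another host; match on the pattern (newly created executables with such names in the system directory) rather than on the names themselves.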
- '<SYSTEM32>\gzpgkmaz.exe'
- '<SYSTEM32>\eigfrjyc.exe' /pid=1080
- '<SYSTEM32>\frfmftkp.exe'
- '<SYSTEM32>\hphzamnf.exe'
- '<SYSTEM32>\rkwuitkt.exe'
- '<SYSTEM32>\bwkvemhp.exe'
- '<SYSTEM32>\ktqqnsov.exe'
- '<SYSTEM32>\edgbxabl.exe'
- '<SYSTEM32>\fbnzrjpc.exe'
- '<SYSTEM32>\lfaospqi.exe' /pid=3444
- '<SYSTEM32>\yvtvjgyf.exe'
- '<SYSTEM32>\mdooukcj.exe'
- '<SYSTEM32>\frfmftkp.exe' /pid=3496
- '<SYSTEM32>\rkwuitkt.exe' /pid=3864
- '<SYSTEM32>\mucoctkw.exe'
- '<SYSTEM32>\uwglxqok.exe'
- '<SYSTEM32>\jbrxahtp.exe'
- '<SYSTEM32>\xmnneece.exe' /pid=3652
- '<SYSTEM32>\rmeyehbq.exe'
- '<SYSTEM32>\fyrxajqc.exe'
- '<SYSTEM32>\gzpgkmaz.exe' /pid=3268
- '<SYSTEM32>\fhbxouem.exe'
- '<SYSTEM32>\drqtthih.exe'
- '<SYSTEM32>\mrjdjrzb.exe'
- '<SYSTEM32>\vcpboqdn.exe'
- '<SYSTEM32>\hetztapn.exe'
- '<SYSTEM32>\vwwgorgo.exe'
- '<SYSTEM32>\mwnhuoua.exe'
- '<SYSTEM32>\fodxekga.exe'
- '<SYSTEM32>\ackrfbwu.exe'
- '<SYSTEM32>\eigfrjyc.exe'
- '<SYSTEM32>\jsczoptf.exe'
- '<SYSTEM32>\yhkelryt.exe'
- '<SYSTEM32>\xmnneece.exe'
- '<SYSTEM32>\sglergbp.exe'
- '<SYSTEM32>\nivkfrmg.exe'
- '<SYSTEM32>\voaohknm.exe'
- '<SYSTEM32>\ackrfbwu.exe' /pid=3240
- '<SYSTEM32>\xjqgdruy.exe'
- '<SYSTEM32>\lfaospqi.exe'
- '<SYSTEM32>\ibtaaqfj.exe'
- '<SYSTEM32>\egbqwjcm.exe'
- '<SYSTEM32>\vcpboqdn.exe' /pid=2636
- <SYSTEM32>\svchost.exe
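Window class names and titles of analysis tools (Sysinternals Process Monitor, Registry Monitor and File Monitor, and the OllyDbg debugger; 'GBDYLLO' is 'OLLYDBG' reversed). If, as the grouping suggests, the sample looks these windows up, it is checking for monitoring or debugging, and behaviour recorded in an instrumented sandbox may be incomplete:
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'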
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- ClassName: 'pediy06' WindowName: ''
- <SYSTEM32>\fbnzrjpc.exe
- <SYSTEM32>\edgbxabl.exe
- <SYSTEM32>\frfmftkp.exe
- <SYSTEM32>\gzpgkmaz.exe
- <SYSTEM32>\bwkvemhp.exe
- <SYSTEM32>\voaohknm.exe
- <SYSTEM32>\nivkfrmg.exe
- <SYSTEM32>\ktqqnsov.exe
- <SYSTEM32>\fhbxouem.exe
- <SYSTEM32>\rkwuitkt.exe
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\fifo.log
- <SYSTEM32>\mdooukcj.exe
- <SYSTEM32>\mucoctkw.exe
- <SYSTEM32>\uwglxqok.exe
- <SYSTEM32>\fyrxajqc.exe
- <SYSTEM32>\yvtvjgyf.exe
- <SYSTEM32>\hphzamnf.exe
- <SYSTEM32>\rmeyehbq.exe
- <SYSTEM32>\jbrxahtp.exe
- <SYSTEM32>\xmnneece.exe
- <SYSTEM32>\jsczoptf.exe
- <SYSTEM32>\ackrfbwu.exe
- <SYSTEM32>\mrjdjrzb.exe
- <SYSTEM32>\eigfrjyc.exe
- <SYSTEM32>\mwnhuoua.exe
- <SYSTEM32>\MSWINSCK.ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mswinsck[1].ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\mswinsck[1].ocx
- <SYSTEM32>\fodxekga.exe
- <SYSTEM32>\drqtthih.exe
- <SYSTEM32>\ibtaaqfj.exe
- <SYSTEM32>\xjqgdruy.exe
- <SYSTEM32>\sglergbp.exe
- <SYSTEM32>\egbqwjcm.exe
- <SYSTEM32>\lfaospqi.exe
- <SYSTEM32>\vwwgorgo.exe
- <SYSTEM32>\vcpboqdn.exe
- <SYSTEM32>\yhkelryt.exe
- <SYSTEM32>\hetztapn.exe
- <SYSTEM32>\fbnzrjpc.exe
- <SYSTEM32>\edgbxabl.exe
- <SYSTEM32>\frfmftkp.exe
- <SYSTEM32>\gzpgkmaz.exe
- <SYSTEM32>\fhbxouem.exe
- <SYSTEM32>\voaohknm.exe
- <SYSTEM32>\bwkvemhp.exe
- <SYSTEM32>\ktqqnsov.exe
- <SYSTEM32>\rkwuitkt.exe
- <SYSTEM32>\mdooukcj.exe
- <SYSTEM32>\fyrxajqc.exe
- <SYSTEM32>\mucoctkw.exe
- <SYSTEM32>\uwglxqok.exe
- <SYSTEM32>\yvtvjgyf.exe
- <SYSTEM32>\hphzamnf.exe
- <SYSTEM32>\rmeyehbq.exe
- <SYSTEM32>\jbrxahtp.exe
- <SYSTEM32>\nivkfrmg.exe
- <SYSTEM32>\mrjdjrzb.exe
- <SYSTEM32>\eigfrjyc.exe
- <SYSTEM32>\vcpboqdn.exe
- <SYSTEM32>\drqtthih.exe
- <SYSTEM32>\mwnhuoua.exe
- <SYSTEM32>\fodxekga.exe
- <SYSTEM32>\jsczoptf.exe
- <SYSTEM32>\ackrfbwu.exe
- <SYSTEM32>\vwwgorgo.exe
- <SYSTEM32>\egbqwjcm.exe
- <SYSTEM32>\ibtaaqfj.exe
- <SYSTEM32>\xmnneece.exe
- <SYSTEM32>\sglergbp.exe
- <SYSTEM32>\yhkelryt.exe
- <SYSTEM32>\hetztapn.exe
- <SYSTEM32>\xjqgdruy.exe
- <SYSTEM32>\lfaospqi.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\mswinsck[1].ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mswinsck[1].ocx
- 'localhost':1082
- 'localhost':1080
- 'localhost':1086
- 'localhost':1084
- 'localhost':1078
- 'localhost':1072
- 'localhost':1070
- 'localhost':1076
- 'localhost':1074
- 'localhost':1100
- 'localhost':1098
- 'localhost':1104
- 'localhost':1102
- 'localhost':1096
- 'localhost':1090
- 'localhost':1088
- 'localhost':1094
- 'localhost':1092
- 'localhost':1046
- 'localhost':1044
- 'localhost':1050
- 'localhost':1048
- 'localhost':1042
- 'pd###.egloos.com':80
- 'localhost':1035
- 'localhost':1040
- 'localhost':1038
- 'localhost':1064
- 'localhost':1062
- 'localhost':1068
- 'localhost':1066
- 'localhost':1060
- 'localhost':1054
- 'localhost':1052
- 'localhost':1058
- 'localhost':1056
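- pd###.egloos.com/pds/201304/27/64/mswinsck.ocx (requested URL; the host is masked with ### in the report. The file name matches the mswinsck[1].ocx browser-cache entries and <SYSTEM32>\MSWINSCK.ocx in the file lists, which suggests the file was downloaded from this host. mswinsck.ocx is the usual file name of the Microsoft Winsock ActiveX control, so verify any copy by hash and signature rather than by name.)
- DNS ASK pd###.egloos.com (DNS query for the same masked host)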
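Further window class names. 'Shell_TrayWnd' is the Windows taskbar, and 'MS_AutodialMonitor' and 'MS_WebcheckMonitor' appear to be ordinary Windows shell / Internet Explorer window classes rather than analysis tools; '18467-41' is not a standard class name and the report does not explain it:
- ClassName: 'MS_AutodialMonitor' WindowName: ''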
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''