Technical Information
- %APPDATA%\microsoft\windows\start menu\programs\startup\bitb6b2.tmp
- %WINDIR%\syswow64\cmd.exe
- %TEMP%\nsr566a.tmp
- %TEMP%\uninstall.exe
- %TEMP%\idea\openx\zope\u2lexch.dll
- %TEMP%\idea\openx\zope\microsoftvisualjupgradeengineinterface.dll
- %TEMP%\idea\openx\zope\70.opends60.dll
- %TEMP%\emphysema
- %TEMP%\kakagemot.dll
- %APPDATA%\icq-profile\update\splash_banner\bitadcb.tmp
- %TEMP%\4721605e.lnk
- %WINDIR%\activate window\logs.dat
- %APPDATA%\icq-profile\update\splash_banner\bitadcb.tmp
- %APPDATA%\microsoft\windows\start menu\programs\startup\bitb6b2.tmp
- %WINDIR%\activate window\logs.dat
- from %APPDATA%\icq-profile\update\splash_banner\bitadcb.tmp to %APPDATA%\icq-profile\update\splash_banner\launchtm.exe
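- Network endpoint (host:port): 'wi######orpo.duckdns.org':7316 (duckdns.org is a dynamic-DNS service, so the IP address behind this name can change)
- DNS query (ASK) for wi######orpo.duckdns.org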
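- '%WINDIR%\syswow64\rundll32.exe' KakaGemot,Hurley (command line: rundll32 is given the module name KakaGemot and the entry point Hurley; the module name matches %TEMP%\kakagemot.dll listed above)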
- '%WINDIR%\syswow64\cmd.exe'