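Technical Information
Note: the entries below appear without section headings, so the list does not state the role of each path (for example, whether a file was created, changed, removed or run). The quoted entries at the end carry arguments and appear to be process command lines.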
- %WINDIR%\explorer.exe
- iexplore.exe
- iexplore.exe process, wininet.dll module
- %HOMEPATH%\5_86\pdvraobar.okg
- %HOMEPATH%\5_86\tsdb.msc
- %HOMEPATH%\5_86\mfaccesd.ico
- %HOMEPATH%\5_86\xbtix.ppt
- %HOMEPATH%\5_86\rjechdlqp.txt
- %HOMEPATH%\5_86\jstvpd.exe
- %HOMEPATH%\5_86\igwfc.pdf
- %HOMEPATH%\5_86\pkdhsmgh.pdf
- %HOMEPATH%\5_86\ogvewuiiv.ppt
- %HOMEPATH%\5_86\girupfj.xml
- %HOMEPATH%\5_86\ubohwdhvkr.dat
- %HOMEPATH%\5_86\seejqas.jpg
- %HOMEPATH%\5_86\wunhs.icm
- %HOMEPATH%\5_86\majtsbhar.bin
- %HOMEPATH%\5_86\uvdeckwop.xl
- %HOMEPATH%\5_86\befcrhfbdu.docx
- %HOMEPATH%\5_86\isiwljln.xls
- %HOMEPATH%\5_86\cnfbogkko.txt
- %HOMEPATH%\5_86\sogmqlr.pif
- %HOMEPATH%\5_86\eiifenbgm.fmk
- %HOMEPATH%\5_86\cigds.jpg
- %HOMEPATH%\5_86\nqvimqn.exe
- %HOMEPATH%\temp\cigds.jpg
- %HOMEPATH%\5_86\sogmqlr.pif
- %WINDIR%\microsoft.net\framework\v4.0.30319\regsvcs.exe
- ClassName: 'EDIT' WindowName: ''
- '%HOMEPATH%\5_86\sogmqlr.pif' eiifenbgm.fmk
- '%WINDIR%\microsoft.net\framework\v4.0.30319\regsvcs.exe'
- '%WINDIR%\syswow64\explorer.exe'
- '%WINDIR%\syswow64\wlanext.exe'
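- '%WINDIR%\syswow64\cmd.exe' del "%WINDIR%\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
  (This command line attempts to delete RegSvcs.exe from the .NET Framework v4.0.30319 directory, the same binary that also appears earlier in this list. On a suspect host, check whether that file is missing or has been replaced.)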