Technical Information
- [HKLM\System\CurrentControlSet\Services\cZ9GgsZXdDxIBi] 'ImagePath' = '%TEMP%\cZ9GgsZXdDxIBiO407iD.sys'
- 'cZ9GgsZXdDxIBi' %TEMP%\cZ9GgsZXdDxIBiO407iD.sys
- %TEMP%\cz9ggszxddxibio407id.sys
- %WINDIR%\temp\udde649.tmp
- %WINDIR%\temp\udde649.tmp
- '12#.#1.220.8':80
- http://ne#######rifly.ntoskr.com:80/verifly?ke############################