Technical Information
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\bomgar-scc.exe "-nctuf" "<Full path to virus>" "-install2" "<Full path to virus>" ""%TEMP%\nsr3.tmp\"" "%ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\"
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_viewer_actual_size.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_viewer_fit.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_sidebar_collapsed.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_sidebar_expanded.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_viewer_quality16.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_ft_animation0.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_ft_animation1.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_viewer_quality32.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_viewer_quality8.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\bomgar-scc.exe
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_cb_access_key.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\app_icon_32.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\BF13227E-B446-4E12-913E-7E5FBBEE54F6
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_cb_private.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_panic.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_sidebar_alert.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_cb_survey.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\button_cb_team.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\remove.exe
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\server.lic
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\nstvhook.dll
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\preload-en-us.rdf
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\settings-init.ini
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\settings-cc.ini4893
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\settings.ini25025
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\uninstall.bat
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\settings.ini10364
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_ft_animation4.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_pinned_connected.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_ft_animation2.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_ft_animation3.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_pinned_disconnected.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_rep_viewing.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_ss_watermark.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_rep_not_present.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\indicator_rep_present.png
- %ALLUSERSPROFILE%\Application Data\bomgar-scc-4E43CA92\app_icon_16.png
- %TEMP%\nsr3.tmp\button_sidebar_alert.png
- %TEMP%\nsr3.tmp\button_sidebar_collapsed.png
- %TEMP%\nsr3.tmp\button_cb_team.png
- %TEMP%\nsr3.tmp\button_panic.png
- %TEMP%\nsr3.tmp\button_sidebar_expanded.png
- %TEMP%\nsr3.tmp\button_viewer_quality16.png
- %TEMP%\nsr3.tmp\button_viewer_quality32.png
- %TEMP%\nsr3.tmp\button_viewer_actual_size.png
- %TEMP%\nsr3.tmp\button_viewer_fit.png
- %TEMP%\nsr3.tmp\server.lic
- %TEMP%\nsr3.tmp\preload-en-us.rdf
- %TEMP%\nsw2.tmp
- %TEMP%\nsr3.tmp\System.dll
- %TEMP%\nsr3.tmp\app_icon_16.png
- %TEMP%\nsr3.tmp\button_cb_private.png
- %TEMP%\nsr3.tmp\button_cb_survey.png
- %TEMP%\nsr3.tmp\app_icon_32.png
- %TEMP%\nsr3.tmp\button_cb_access_key.png
- %TEMP%\nsr3.tmp\indicator_ss_watermark.png
- %TEMP%\nsr3.tmp\nstvhook.dll
- %TEMP%\nsr3.tmp\indicator_rep_present.png
- %TEMP%\nsr3.tmp\indicator_rep_viewing.png
- %TEMP%\nsr3.tmp\uninstall.bat
- %TEMP%\nsr3.tmp\settings-init.ini
- %TEMP%\nsr3.tmp\remove.exe
- %TEMP%\nsr3.tmp\bomgar-scc.exe
- %TEMP%\nsr3.tmp\BF13227E-B446-4E12-913E-7E5FBBEE54F6
- %TEMP%\nsr3.tmp\indicator_ft_animation1.png
- %TEMP%\nsr3.tmp\indicator_ft_animation2.png
- %TEMP%\nsr3.tmp\button_viewer_quality8.png
- %TEMP%\nsr3.tmp\indicator_ft_animation0.png
- %TEMP%\nsr3.tmp\indicator_ft_animation3.png
- %TEMP%\nsr3.tmp\indicator_pinned_disconnected.png
- %TEMP%\nsr3.tmp\indicator_rep_not_present.png
- %TEMP%\nsr3.tmp\indicator_ft_animation4.png
- %TEMP%\nsr3.tmp\indicator_pinned_connected.png
- %TEMP%\nsr3.tmp\indicator_pinned_disconnected.png
- %TEMP%\nsr3.tmp\indicator_pinned_connected.png
- %TEMP%\nsr3.tmp\indicator_rep_present.png
- %TEMP%\nsr3.tmp\indicator_rep_not_present.png
- %TEMP%\nsr3.tmp\indicator_ft_animation2.png
- %TEMP%\nsr3.tmp\indicator_ft_animation1.png
- %TEMP%\nsr3.tmp\indicator_ft_animation4.png
- %TEMP%\nsr3.tmp\indicator_ft_animation3.png
- %TEMP%\nsr3.tmp\indicator_rep_viewing.png
- %TEMP%\nsr3.tmp\settings-init.ini
- %TEMP%\nsr3.tmp\server.lic
- %TEMP%\nsr3.tmp\uninstall.bat
- %TEMP%\nsr3.tmp\System.dll
- %TEMP%\nsr3.tmp\nstvhook.dll
- %TEMP%\nsr3.tmp\indicator_ss_watermark.png
- %TEMP%\nsr3.tmp\remove.exe
- %TEMP%\nsr3.tmp\preload-en-us.rdf
- %TEMP%\nsr3.tmp\indicator_ft_animation0.png
- %TEMP%\nsr3.tmp\button_cb_private.png
- %TEMP%\nsr3.tmp\button_cb_access_key.png
- %TEMP%\nsr3.tmp\button_cb_team.png
- %TEMP%\nsr3.tmp\button_cb_survey.png
- %TEMP%\nsr3.tmp\app_icon_32.png
- %TEMP%\nsr3.tmp\app_icon_16.png
- %TEMP%\nsr3.tmp\bomgar-scc.exe
- %TEMP%\nsr3.tmp\BF13227E-B446-4E12-913E-7E5FBBEE54F6
- %TEMP%\nsr3.tmp\button_panic.png
- %TEMP%\nsr3.tmp\button_viewer_quality16.png
- %TEMP%\nsr3.tmp\button_viewer_fit.png
- %TEMP%\nsr3.tmp\button_viewer_quality8.png
- %TEMP%\nsr3.tmp\button_viewer_quality32.png
- %TEMP%\nsr3.tmp\button_sidebar_collapsed.png
- %TEMP%\nsr3.tmp\button_sidebar_alert.png
- %TEMP%\nsr3.tmp\button_viewer_actual_size.png
- %TEMP%\nsr3.tmp\button_sidebar_expanded.png
- ClassName: 'Shell_TrayWnd' WindowName: ''