Technical Information
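- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Web Event Logger' = '{79FEACFF-FFCE-815E-A900-316290B5B738}' (autorun entry: values under ShellServiceObjectDelayLoad name, by CLSID, COM objects that Explorer loads when the shell starts; Wow6432Node is the 32-bit registry view, and the module behind the CLSID is recorded under that CLSID's InprocServer32 key)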
- %WINDIR%\syswow64\bgafln32.exe
- %WINDIR%\syswow64\gdcljgcd.exe
- %WINDIR%\syswow64\mojojhkk.dll
- %WINDIR%\syswow64\gplidhge.exe
- %WINDIR%\syswow64\dpiaiapj.dll
- %WINDIR%\syswow64\hpnfjg32.exe
- %WINDIR%\syswow64\ndieen32.dll
- %WINDIR%\syswow64\hpqbpg32.exe
- %WINDIR%\syswow64\ceoqop32.dll
- %WINDIR%\syswow64\hlgcdhid.exe
- %WINDIR%\syswow64\enbnpi32.dll
- %WINDIR%\syswow64\hljpjh32.exe
- %WINDIR%\syswow64\lmnkceoe.dll
- %WINDIR%\syswow64\hhqqoilf.exe
- %WINDIR%\syswow64\dcojaabb.exe
- %WINDIR%\syswow64\milgkd32.dll
- %WINDIR%\syswow64\fnolcf32.dll
- %WINDIR%\syswow64\ifgnnm32.exe
- %WINDIR%\syswow64\ogdigkep.dll
- %WINDIR%\syswow64\ihggphfn.exe
- %WINDIR%\syswow64\nbjiodbd.dll
- %WINDIR%\syswow64\ijkpmp32.exe
- %WINDIR%\syswow64\cjonbj32.dll
- %WINDIR%\syswow64\ijmmbohg.exe
- %WINDIR%\syswow64\acmemg32.dll
- %WINDIR%\syswow64\jfdmgp32.exe
- %WINDIR%\syswow64\mamhfoil.dll
- %WINDIR%\syswow64\jjbfno32.exe
- %WINDIR%\syswow64\fknejlgp.dll
- %WINDIR%\syswow64\gabbhlfc.exe
- %WINDIR%\syswow64\aeoffo32.dll
- %WINDIR%\syswow64\fbbmdfmd.dll
- %WINDIR%\syswow64\gbmfgpbk.exe
- %WINDIR%\syswow64\miablfca.dll
- %WINDIR%\syswow64\cqlhkc32.exe
- %WINDIR%\syswow64\kopiaf32.dll
- %WINDIR%\syswow64\cmbhpdkm.exe
- %WINDIR%\syswow64\jkaejd32.dll
- %WINDIR%\syswow64\cmeeed32.exe
- %WINDIR%\syswow64\cfocelno.dll
- %WINDIR%\syswow64\cmgbkc32.exe
- %WINDIR%\syswow64\hfdpiabe.dll
- %WINDIR%\syswow64\dohkmoch.exe
- %WINDIR%\syswow64\hjakkq32.dll
- %WINDIR%\syswow64\dbhdnjqi.exe
- %WINDIR%\syswow64\abnedoog.dll
- %WINDIR%\syswow64\deimpe32.exe
- %WINDIR%\syswow64\jmcooj32.exe
- %WINDIR%\syswow64\idgadjbj.exe
- %WINDIR%\syswow64\fhbdfclb.dll
- %WINDIR%\syswow64\ebcgbngj.exe
- %WINDIR%\syswow64\ddpgda32.dll
- %WINDIR%\syswow64\efaohl32.exe
- %WINDIR%\syswow64\fnkade32.dll
- %WINDIR%\syswow64\eeglih32.exe
- %WINDIR%\syswow64\jmgfgh32.dll
- %WINDIR%\syswow64\ejfagoom.exe
- %WINDIR%\syswow64\fdnlll32.dll
- %WINDIR%\syswow64\fpgcje32.exe
- %WINDIR%\syswow64\gknipm32.dll
- %WINDIR%\syswow64\fdelqcof.exe
- %WINDIR%\syswow64\lblhjlld.dll
- %WINDIR%\syswow64\fbjiapdn.exe
- %WINDIR%\syswow64\fjoafh32.dll
- %WINDIR%\syswow64\kfkfalhp.dll
- %WINDIR%\syswow64\knhndoce.dll
- '%WINDIR%\syswow64\bgafln32.exe'
- '%WINDIR%\syswow64\ifgnnm32.exe'
- '%WINDIR%\syswow64\idgadjbj.exe'
- '%WINDIR%\syswow64\hhqqoilf.exe'
- '%WINDIR%\syswow64\hljpjh32.exe'
- '%WINDIR%\syswow64\hlgcdhid.exe'
- '%WINDIR%\syswow64\hpqbpg32.exe'
- '%WINDIR%\syswow64\gabbhlfc.exe'
- '%WINDIR%\syswow64\gplidhge.exe'
- '%WINDIR%\syswow64\gdcljgcd.exe'
- '%WINDIR%\syswow64\jmcooj32.exe'
- '%WINDIR%\syswow64\fbjiapdn.exe'
- '%WINDIR%\syswow64\fdelqcof.exe'
- '%WINDIR%\syswow64\fpgcje32.exe'
- '%WINDIR%\syswow64\ijkpmp32.exe'
- '%WINDIR%\syswow64\ihggphfn.exe'
- '%WINDIR%\syswow64\hpnfjg32.exe'
- '%WINDIR%\syswow64\ijmmbohg.exe'
- '%WINDIR%\syswow64\cqlhkc32.exe'
- '%WINDIR%\syswow64\efaohl32.exe'
- '%WINDIR%\syswow64\ebcgbngj.exe'
- '%WINDIR%\syswow64\cmbhpdkm.exe'
- '%WINDIR%\syswow64\dcojaabb.exe'
- '%WINDIR%\syswow64\deimpe32.exe'
- '%WINDIR%\syswow64\cmeeed32.exe'
- '%WINDIR%\syswow64\cmgbkc32.exe'
- '%WINDIR%\syswow64\dohkmoch.exe'
- '%WINDIR%\syswow64\gbmfgpbk.exe'
- '%WINDIR%\syswow64\eeglih32.exe'
- '%WINDIR%\syswow64\ejfagoom.exe'
- '%WINDIR%\syswow64\jjbfno32.exe'
- '%WINDIR%\syswow64\jfdmgp32.exe'
- '%WINDIR%\syswow64\dbhdnjqi.exe'
- '%WINDIR%\syswow64\ihggphfn.exe' (with hidden window)
- '%WINDIR%\syswow64\ijmmbohg.exe' (with hidden window)
- '%WINDIR%\syswow64\cqlhkc32.exe' (with hidden window)
- '%WINDIR%\syswow64\ijkpmp32.exe' (with hidden window)
- '%WINDIR%\syswow64\jfdmgp32.exe' (with hidden window)
- '%WINDIR%\syswow64\ejfagoom.exe' (with hidden window)
- '%WINDIR%\syswow64\eeglih32.exe' (with hidden window)
- '%WINDIR%\syswow64\ifgnnm32.exe' (with hidden window)
- '%WINDIR%\syswow64\idgadjbj.exe' (with hidden window)
- '%WINDIR%\syswow64\cmeeed32.exe' (with hidden window)
- '%WINDIR%\syswow64\hhqqoilf.exe' (with hidden window)
- '%WINDIR%\syswow64\hljpjh32.exe' (with hidden window)
- '%WINDIR%\syswow64\gabbhlfc.exe' (with hidden window)
- '%WINDIR%\syswow64\bgafln32.exe' (with hidden window)
- '%WINDIR%\syswow64\hlgcdhid.exe' (with hidden window)
- '%WINDIR%\syswow64\gplidhge.exe' (with hidden window)
- '%WINDIR%\syswow64\ebcgbngj.exe' (with hidden window)
- '%WINDIR%\syswow64\cmbhpdkm.exe' (with hidden window)
- '%WINDIR%\syswow64\cmgbkc32.exe' (with hidden window)
- '%WINDIR%\syswow64\fdelqcof.exe' (with hidden window)
- '%WINDIR%\syswow64\dcojaabb.exe' (with hidden window)
- '%WINDIR%\syswow64\fbjiapdn.exe' (with hidden window)
- '%WINDIR%\syswow64\gbmfgpbk.exe' (with hidden window)
- '%WINDIR%\syswow64\jjbfno32.exe' (with hidden window)
- '%WINDIR%\syswow64\deimpe32.exe' (with hidden window)
- '%WINDIR%\syswow64\dbhdnjqi.exe' (with hidden window)
- '%WINDIR%\syswow64\hpnfjg32.exe' (with hidden window)
- '%WINDIR%\syswow64\dohkmoch.exe' (with hidden window)
- '%WINDIR%\syswow64\hpqbpg32.exe' (with hidden window)
- '%WINDIR%\syswow64\fpgcje32.exe' (with hidden window)
- '%WINDIR%\syswow64\gdcljgcd.exe' (with hidden window)
- '%WINDIR%\syswow64\efaohl32.exe' (with hidden window)
- '%WINDIR%\syswow64\jmcooj32.exe' (with hidden window)