Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'aeEkEEcE.exe' = '%ALLUSERSPROFILE%\BWogoUMg\aeEkEEcE.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'pUccUkoM.exe' = '%HOMEPATH%\fCkYUMIQ\pUccUkoM.exe'
- <Auxiliary element>
- C:\Far2\Far.exe
- hidden files
- file extensions
- User Account Control (UAC)
- '%TEMP%\avx_pm.exe'
- '%ALLUSERSPROFILE%\BWogoUMg\aeEkEEcE.exe'
- '%HOMEPATH%\fCkYUMIQ\pUccUkoM.exe'
- '<SYSTEM32>\reg.exe' add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /d 0 /t REG_DWORD /f
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /f /v Hidden /t REG_DWORD /d 2
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /f /v HideFileExt /t REG_DWORD /d 1
- C:\RCX5C.tmp
- <Current directory>\ocMU.ico
- <Current directory>\cUce.exe
- C:\RCX5B.tmp
- <Current directory>\rMYw.ico
- <Current directory>\kQMs.exe
- C:\RCX5D.tmp
- <Current directory>\vUgi.ico
- <Current directory>\uQYS.exe
- C:\RCX5F.tmp
- <Current directory>\qwAY.ico
- <Current directory>\gAkg.exe
- C:\RCX5E.tmp
- <Current directory>\QIAY.exe
- C:\RCX58.tmp
- <Current directory>\ZoQE.ico
- <Current directory>\wQkq.exe
- C:\RCX57.tmp
- <Current directory>\GgMk.ico
- <Current directory>\TEIY.exe
- C:\RCX5A.tmp
- <Current directory>\tksu.ico
- <Current directory>\MAII.exe
- C:\RCX59.tmp
- <Current directory>\BUgK.ico
- <Current directory>\HwAC.exe
- <Current directory>\HgEu.exe
- C:\RCX65.tmp
- <Current directory>\ZMoQ.ico
- <Current directory>\MIwk.exe
- C:\RCX64.tmp
- <Current directory>\uIYE.ico
- <Current directory>\xgEM.exe
- C:\RCX67.tmp
- <Current directory>\Vosq.ico
- <Current directory>\EEQg.exe
- C:\RCX66.tmp
- <Current directory>\kQQK.ico
- <Current directory>\oYkK.exe
- <Current directory>\awEu.ico
- <Current directory>\PAgG.exe
- C:\RCX61.tmp
- <Current directory>\fIgA.ico
- <Current directory>\nEMo.exe
- C:\RCX60.tmp
- <Current directory>\hcYO.ico
- <Current directory>\eEcq.exe
- C:\RCX63.tmp
- <Current directory>\Zwsa.ico
- <Current directory>\PcIu.exe
- C:\RCX62.tmp
- <Current directory>\mcsg.ico
- <Current directory>\wgQa.exe
- C:\RCX4B.tmp
- <Current directory>\ckUq.ico
- <Current directory>\fYoE.exe
- C:\RCX4A.tmp
- <Current directory>\VIkS.ico
- <Current directory>\EYUU.exe
- C:\RCX4D.tmp
- <Current directory>\EUsI.ico
- <Current directory>\oAkE.exe
- C:\RCX4C.tmp
- <Current directory>\agki.ico
- <Current directory>\xsIG.exe
- <Current directory>\gIMA.ico
- <Current directory>\lwEU.exe
- C:\RCX47.tmp
- <Current directory>\ZggW.ico
- <Current directory>\pMcQ.exe
- C:\RCX46.tmp
- <Current directory>\eEIy.ico
- <Current directory>\IQYA.exe
- C:\RCX49.tmp
- <Current directory>\EwAM.ico
- <Current directory>\zcAq.exe
- C:\RCX48.tmp
- <Current directory>\pcQK.ico
- <Current directory>\koUK.ico
- <Current directory>\KUMa.exe
- C:\RCX54.tmp
- <Current directory>\UUoo.ico
- <Current directory>\WIQg.exe
- C:\RCX53.tmp
- <Current directory>\Zwke.ico
- <Current directory>\isYw.exe
- C:\RCX56.tmp
- <Current directory>\cooe.ico
- <Current directory>\eIwY.exe
- C:\RCX55.tmp
- <Current directory>\GMIa.ico
- C:\RCX4F.tmp
- <Current directory>\JcYo.ico
- <Current directory>\ncgk.exe
- C:\RCX4E.tmp
- <Current directory>\NMgI.ico
- <Current directory>\IEcU.exe
- C:\RCX50.tmp
- <Current directory>\lUYG.ico
- <Current directory>\eUIO.exe
- C:\RCX52.tmp
- <Current directory>\gAoW.ico
- <Current directory>\Iwse.exe
- C:\RCX51.tmp
- C:\RCX68.tmp
- <Current directory>\fkAW.ico
- <Current directory>\xYMm.exe
- C:\RCX80.tmp
- <Current directory>\icoE.ico
- <Current directory>\Ewwg.exe
- C:\RCX7F.tmp
- <Current directory>\qocc.ico
- <Current directory>\kMsG.exe
- C:\RCX82.tmp
- <Current directory>\qAwa.ico
- <Current directory>\tocI.exe
- C:\RCX81.tmp
- <Current directory>\wwcy.ico
- C:\RCX7B.tmp
- <Current directory>\gEIq.ico
- <Current directory>\cMEg.exe
- C:\RCX7A.tmp
- <Current directory>\lMUi.ico
- <Current directory>\IIUq.exe
- C:\RCX7C.tmp
- <Current directory>\ZsMw.ico
- <Current directory>\IEwC.exe
- C:\RCX7E.tmp
- <Current directory>\TUYM.ico
- <Current directory>\AAkC.exe
- C:\RCX7D.tmp
- C:\RCX88.tmp
- <Current directory>\gAYq.ico
- <Current directory>\GsYY.exe
- C:\RCX87.tmp
- <Current directory>\pQQC.ico
- <Current directory>\MYcs.exe
- C:\RCX89.tmp
- <Current directory>\loAY.ico
- <Current directory>\dooc.exe
- C:\RCX8B.tmp
- <Current directory>\Mggg.ico
- <Current directory>\VwgC.exe
- C:\RCX8A.tmp
- <Current directory>\YAcI.exe
- C:\RCX84.tmp
- <Current directory>\xwUC.ico
- <Current directory>\OYsW.exe
- C:\RCX83.tmp
- <Current directory>\TsIc.ico
- <Current directory>\nkce.exe
- C:\RCX86.tmp
- <Current directory>\eggO.ico
- <Current directory>\OwkG.exe
- C:\RCX85.tmp
- <Current directory>\Rwkq.ico
- <Current directory>\IUIi.exe
- <Current directory>\GgMA.exe
- C:\RCX6E.tmp
- <Current directory>\nIAw.ico
- <Current directory>\pMUs.exe
- C:\RCX6D.tmp
- <Current directory>\fkIc.ico
- <Current directory>\BccU.exe
- C:\RCX70.tmp
- <Current directory>\ZUoS.ico
- <Current directory>\uQEm.exe
- C:\RCX6F.tmp
- <Current directory>\HkQA.ico
- <Current directory>\FkAy.exe
- <Current directory>\TkMi.ico
- <Current directory>\TAwo.exe
- C:\RCX6A.tmp
- <Current directory>\iwwa.ico
- <Current directory>\UYcc.exe
- C:\RCX69.tmp
- <Current directory>\LIwg.ico
- <Current directory>\vIMm.exe
- C:\RCX6C.tmp
- <Current directory>\UksM.ico
- <Current directory>\mAEY.exe
- C:\RCX6B.tmp
- <Current directory>\IIYK.ico
- <Current directory>\ZIso.ico
- C:\RCX77.tmp
- <Current directory>\FQcq.ico
- <Current directory>\BEQy.ico
- <Current directory>\rYkw.exe
- C:\RCX76.tmp
- <Current directory>\WgUi.exe
- C:\RCX79.tmp
- <Current directory>\tIAo.ico
- <Current directory>\eAwY.exe
- C:\RCX78.tmp
- <Current directory>\bYsS.ico
- <Current directory>\JQQM.exe
- C:\RCX72.tmp
- <Current directory>\hMkG.ico
- <Current directory>\OsEa.exe
- C:\RCX71.tmp
- <Current directory>\SQoO.ico
- <Current directory>\ZUMi.exe
- C:\RCX73.tmp
- <Current directory>\woYM.ico
- <Current directory>\dMsI.exe
- C:\RCX75.tmp
- <Current directory>\UkoU.ico
- <Current directory>\RIYU.exe
- C:\RCX74.tmp
- C:\RCX45.tmp
- C:\RCX16.tmp
- <Current directory>\qQcS.ico
- <Current directory>\PQIa.exe
- C:\RCX15.tmp
- <Current directory>\isYg.ico
- <Current directory>\tsIM.exe
- C:\RCX17.tmp
- <Current directory>\KYYc.ico
- <Current directory>\iYQC.exe
- C:\RCX19.tmp
- <Current directory>\cgEE.ico
- <Current directory>\UwsG.exe
- C:\RCX18.tmp
- <Current directory>\OwkA.exe
- C:\RCX12.tmp
- <Current directory>\OAIW.ico
- <Current directory>\uUkq.exe
- C:\RCX11.tmp
- <Current directory>\wosa.ico
- <Current directory>\XAsG.exe
- C:\RCX14.tmp
- <Current directory>\owYA.ico
- <Current directory>\bAIm.exe
- C:\RCX13.tmp
- <Current directory>\YcAe.ico
- <Current directory>\HoEY.exe
- <Current directory>\iYsg.exe
- C:\RCX1F.tmp
- <Current directory>\IYca.ico
- <Current directory>\iAAW.exe
- C:\RCX1E.tmp
- <Current directory>\ZgAM.ico
- <Current directory>\NYEA.exe
- C:\RCX21.tmp
- <Current directory>\XYgA.ico
- <Current directory>\SAMW.exe
- C:\RCX20.tmp
- <Current directory>\aAwi.ico
- <Current directory>\nsks.exe
- <Current directory>\Akoo.ico
- <Current directory>\nMsK.exe
- C:\RCX1B.tmp
- <Current directory>\jcko.ico
- <Current directory>\uIoK.exe
- C:\RCX1A.tmp
- <Current directory>\OsAm.ico
- <Current directory>\lwsy.exe
- C:\RCX1D.tmp
- <Current directory>\oUUw.ico
- <Current directory>\ZosG.exe
- C:\RCX1C.tmp
- <Current directory>\RccQ.ico
- <Current directory>\MUMA.exe
- C:\RCX5.tmp
- <Current directory>\KocS.ico
- <Current directory>\eQMa.exe
- C:\RCX4.tmp
- <Current directory>\zsMG.ico
- <Current directory>\UIMU.exe
- C:\RCX7.tmp
- <Current directory>\JokE.ico
- <Current directory>\bEkQ.exe
- C:\RCX6.tmp
- <Current directory>\Rkgs.ico
- <Current directory>\TEQK.exe
- <Current directory>\yIwY.ico
- <Current directory>\vAAs.exe
- C:\RCX1.tmp
- %TEMP%\BKgAoYwA.bat
- %TEMP%\avx_pm.exe
- <Current directory>\Eskw.ico
- <Current directory>\yIEC.exe
- C:\RCX3.tmp
- <Current directory>\eYgY.ico
- <Current directory>\tgcw.exe
- C:\RCX2.tmp
- <Current directory>\PMwo.ico
- <Current directory>\UEoC.ico
- <Current directory>\IgYW.exe
- C:\RCXE.tmp
- <Current directory>\FsAU.ico
- <Current directory>\ZEAw.exe
- C:\RCXD.tmp
- <Current directory>\PMIk.ico
- <Current directory>\vUoq.exe
- C:\RCX10.tmp
- <Current directory>\mEAi.ico
- <Current directory>\jAAA.exe
- C:\RCXF.tmp
- <Current directory>\PMcY.ico
- C:\RCX9.tmp
- <Current directory>\MYgM.ico
- <Current directory>\GAQW.exe
- C:\RCX8.tmp
- <Current directory>\KcME.ico
- <Current directory>\CokK.exe
- C:\RCXA.tmp
- <Current directory>\UsEy.ico
- <Current directory>\QMUu.exe
- C:\RCXC.tmp
- <Current directory>\lMES.ico
- <Current directory>\qcgw.exe
- C:\RCXB.tmp
- C:\RCX22.tmp
- C:\RCX39.tmp
- <Current directory>\ZMQS.ico
- <Current directory>\noUQ.exe
- C:\RCX38.tmp
- <Current directory>\XAAW.ico
- <Current directory>\VsAa.exe
- C:\RCX3A.tmp
- <Current directory>\TIow.ico
- <Current directory>\dcws.exe
- C:\RCX3C.tmp
- <Current directory>\IMQm.ico
- <Current directory>\bMsI.exe
- C:\RCX3B.tmp
- <Current directory>\JQso.exe
- C:\RCX35.tmp
- <Current directory>\JkgE.ico
- <Current directory>\cYwG.exe
- C:\RCX34.tmp
- <Current directory>\uggU.ico
- <Current directory>\IsoQ.exe
- C:\RCX37.tmp
- <Current directory>\JwoO.ico
- <Current directory>\ngUM.exe
- C:\RCX36.tmp
- <Current directory>\sUEM.ico
- <Current directory>\RAUG.exe
- <Current directory>\jsIc.exe
- C:\RCX42.tmp
- <Current directory>\qkkq.ico
- <Current directory>\HAkY.exe
- C:\RCX41.tmp
- <Current directory>\CwQI.ico
- <Current directory>\UcMw.exe
- C:\RCX44.tmp
- <Current directory>\iUwo.ico
- <Current directory>\AYIU.exe
- C:\RCX43.tmp
- <Current directory>\TwIs.ico
- <Current directory>\QEYE.exe
- <Current directory>\TYgk.ico
- <Current directory>\tYQO.exe
- C:\RCX3E.tmp
- <Current directory>\XYMK.ico
- <Current directory>\eYos.exe
- C:\RCX3D.tmp
- <Current directory>\pwQc.ico
- <Current directory>\QYok.exe
- C:\RCX40.tmp
- <Current directory>\mgoI.ico
- <Current directory>\yQou.exe
- C:\RCX3F.tmp
- <Current directory>\YIMw.ico
- <Current directory>\qYUq.exe
- C:\RCX28.tmp
- <Current directory>\oMcE.ico
- <Current directory>\yAQo.exe
- C:\RCX27.tmp
- <Current directory>\KQww.ico
- <Current directory>\CskS.exe
- C:\RCX2A.tmp
- <Current directory>\eQQG.ico
- <Current directory>\mAUm.exe
- C:\RCX29.tmp
- <Current directory>\Cgok.ico
- <Current directory>\pYgs.exe
- <Current directory>\bUsI.ico
- <Current directory>\uAgO.exe
- C:\RCX24.tmp
- <Current directory>\EYgC.ico
- <Current directory>\rsAk.exe
- C:\RCX23.tmp
- <Current directory>\LYsc.ico
- <Current directory>\ZUUQ.exe
- C:\RCX26.tmp
- <Current directory>\VkYe.ico
- <Current directory>\UsgI.exe
- C:\RCX25.tmp
- <Current directory>\qAkC.ico
- <Current directory>\FQAa.ico
- <Current directory>\KgIe.exe
- C:\RCX31.tmp
- <Current directory>\iwMo.ico
- <Current directory>\AMgC.exe
- C:\RCX30.tmp
- <Current directory>\lwsO.ico
- <Current directory>\vcwK.exe
- C:\RCX33.tmp
- <Current directory>\wgcK.ico
- <Current directory>\nEso.exe
- C:\RCX32.tmp
- <Current directory>\PYkY.ico
- C:\RCX2C.tmp
- <Current directory>\ugke.ico
- <Current directory>\mkoq.exe
- C:\RCX2B.tmp
- <Current directory>\kAsM.ico
- <Current directory>\MYMg.exe
- C:\RCX2D.tmp
- <Current directory>\pgkK.ico
- <Current directory>\uEUq.exe
- C:\RCX2F.tmp
- <Current directory>\HQYC.ico
- <Current directory>\dgYe.exe
- C:\RCX2E.tmp
- %ALLUSERSPROFILE%\BWogoUMg\aeEkEEcE.exe
- %HOMEPATH%\fCkYUMIQ\pUccUkoM.exe
- <Current directory>\cUce.exe
- <Current directory>\ocMU.ico
- <Current directory>\kQMs.exe
- <Current directory>\rMYw.ico
- <Current directory>\uQYS.exe
- <Current directory>\vUgi.ico
- <Current directory>\gAkg.exe
- <Current directory>\qwAY.ico
- <Current directory>\tksu.ico
- <Current directory>\GgMk.ico
- <Current directory>\TEIY.exe
- <Current directory>\cooe.ico
- <Current directory>\QIAY.exe
- <Current directory>\BUgK.ico
- <Current directory>\MAII.exe
- <Current directory>\ZoQE.ico
- <Current directory>\HwAC.exe
- <Current directory>\uIYE.ico
- <Current directory>\xgEM.exe
- <Current directory>\Zwsa.ico
- <Current directory>\HgEu.exe
- <Current directory>\kQQK.ico
- <Current directory>\EEQg.exe
- <Current directory>\ZMoQ.ico
- <Current directory>\oYkK.exe
- <Current directory>\MIwk.exe
- <Current directory>\PAgG.exe
- <Current directory>\awEu.ico
- <Current directory>\nEMo.exe
- <Current directory>\fIgA.ico
- <Current directory>\eEcq.exe
- <Current directory>\mcsg.ico
- <Current directory>\PcIu.exe
- <Current directory>\hcYO.ico
- <Current directory>\wQkq.exe
- <Current directory>\VIkS.ico
- <Current directory>\EYUU.exe
- <Current directory>\EwAM.ico
- <Current directory>\wgQa.exe
- <Current directory>\agki.ico
- <Current directory>\oAkE.exe
- <Current directory>\ckUq.ico
- <Current directory>\xsIG.exe
- <Current directory>\fYoE.exe
- <Current directory>\lwEU.exe
- <Current directory>\gIMA.ico
- <Current directory>\pMcQ.exe
- <Current directory>\ZggW.ico
- <Current directory>\IQYA.exe
- <Current directory>\pcQK.ico
- <Current directory>\zcAq.exe
- <Current directory>\eEIy.ico
- <Current directory>\KUMa.exe
- <Current directory>\koUK.ico
- <Current directory>\WIQg.exe
- <Current directory>\UUoo.ico
- <Current directory>\isYw.exe
- <Current directory>\GMIa.ico
- <Current directory>\eIwY.exe
- <Current directory>\Zwke.ico
- <Current directory>\lUYG.ico
- <Current directory>\NMgI.ico
- <Current directory>\ncgk.exe
- <Current directory>\EUsI.ico
- <Current directory>\IEcU.exe
- <Current directory>\gAoW.ico
- <Current directory>\eUIO.exe
- <Current directory>\JcYo.ico
- <Current directory>\Iwse.exe
- <Current directory>\Vosq.ico
- <Current directory>\fkAW.ico
- <Current directory>\tocI.exe
- <Current directory>\icoE.ico
- <Current directory>\xYMm.exe
- <Current directory>\wwcy.ico
- <Current directory>\OYsW.exe
- <Current directory>\qocc.ico
- <Current directory>\kMsG.exe
- <Current directory>\Ewwg.exe
- <Current directory>\cMEg.exe
- <Current directory>\gEIq.ico
- <Current directory>\IIUq.exe
- <Current directory>\lMUi.ico
- <Current directory>\IEwC.exe
- <Current directory>\ZsMw.ico
- <Current directory>\AAkC.exe
- <Current directory>\TUYM.ico
- <Current directory>\GsYY.exe
- <Current directory>\gAYq.ico
- <Current directory>\MYcs.exe
- <Current directory>\pQQC.ico
- <Current directory>\dooc.exe
- <Current directory>\loAY.ico
- <Current directory>\VwgC.exe
- <Current directory>\Mggg.ico
- <Current directory>\eggO.ico
- <Current directory>\TsIc.ico
- <Current directory>\nkce.exe
- <Current directory>\qAwa.ico
- <Current directory>\YAcI.exe
- <Current directory>\Rwkq.ico
- <Current directory>\OwkG.exe
- <Current directory>\xwUC.ico
- <Current directory>\IUIi.exe
- <Current directory>\tIAo.ico
- <Current directory>\fkIc.ico
- <Current directory>\BccU.exe
- <Current directory>\UksM.ico
- <Current directory>\GgMA.exe
- <Current directory>\HkQA.ico
- <Current directory>\uQEm.exe
- <Current directory>\nIAw.ico
- <Current directory>\FkAy.exe
- <Current directory>\pMUs.exe
- <Current directory>\TAwo.exe
- <Current directory>\TkMi.ico
- <Current directory>\UYcc.exe
- <Current directory>\iwwa.ico
- <Current directory>\vIMm.exe
- <Current directory>\IIYK.ico
- <Current directory>\mAEY.exe
- <Current directory>\LIwg.ico
- <Current directory>\ZIso.ico
- <Current directory>\WgUi.exe
- <Current directory>\rYkw.exe
- <Current directory>\BEQy.ico
- <Current directory>\bYsS.ico
- <Current directory>\eAwY.exe
- <Current directory>\FQcq.ico
- <Current directory>\JQQM.exe
- <Current directory>\woYM.ico
- <Current directory>\SQoO.ico
- <Current directory>\OsEa.exe
- <Current directory>\ZUoS.ico
- <Current directory>\ZUMi.exe
- <Current directory>\UkoU.ico
- <Current directory>\dMsI.exe
- <Current directory>\hMkG.ico
- <Current directory>\RIYU.exe
- <Current directory>\qQcS.ico
- <Current directory>\UwsG.exe
- <Current directory>\isYg.ico
- <Current directory>\PQIa.exe
- <Current directory>\KYYc.ico
- <Current directory>\uIoK.exe
- <Current directory>\cgEE.ico
- <Current directory>\iYQC.exe
- <Current directory>\tsIM.exe
- <Current directory>\XAsG.exe
- <Current directory>\OAIW.ico
- <Current directory>\OwkA.exe
- <Current directory>\wosa.ico
- <Current directory>\bAIm.exe
- <Current directory>\owYA.ico
- <Current directory>\HoEY.exe
- <Current directory>\YcAe.ico
- <Current directory>\NYEA.exe
- <Current directory>\IYca.ico
- <Current directory>\iYsg.exe
- <Current directory>\ZgAM.ico
- <Current directory>\SAMW.exe
- <Current directory>\XYgA.ico
- <Current directory>\nsks.exe
- <Current directory>\aAwi.ico
- <Current directory>\oUUw.ico
- <Current directory>\Akoo.ico
- <Current directory>\ZosG.exe
- <Current directory>\jcko.ico
- <Current directory>\nMsK.exe
- <Current directory>\RccQ.ico
- <Current directory>\iAAW.exe
- <Current directory>\OsAm.ico
- <Current directory>\lwsy.exe
- <Current directory>\mEAi.ico
- <Current directory>\UIMU.exe
- <Current directory>\KocS.ico
- <Current directory>\MUMA.exe
- <Current directory>\zsMG.ico
- <Current directory>\bEkQ.exe
- <Current directory>\JokE.ico
- <Current directory>\TEQK.exe
- <Current directory>\Rkgs.ico
- <Current directory>\eYgY.ico
- <Current directory>\yIwY.ico
- <Current directory>\tgcw.exe
- %TEMP%\BKgAoYwA.bat
- <Current directory>\vAAs.exe
- <Current directory>\PMwo.ico
- <Current directory>\eQMa.exe
- <Current directory>\Eskw.ico
- <Current directory>\yIEC.exe
- <Current directory>\UEoC.ico
- <Current directory>\jAAA.exe
- <Current directory>\FsAU.ico
- <Current directory>\IgYW.exe
- <Current directory>\PMcY.ico
- <Current directory>\uUkq.exe
- <Current directory>\PMIk.ico
- <Current directory>\vUoq.exe
- <Current directory>\ZEAw.exe
- <Current directory>\GAQW.exe
- <Current directory>\MYgM.ico
- <Current directory>\CokK.exe
- <Current directory>\KcME.ico
- <Current directory>\QMUu.exe
- <Current directory>\UsEy.ico
- <Current directory>\qcgw.exe
- <Current directory>\lMES.ico
- <Current directory>\rsAk.exe
- <Current directory>\ZMQS.ico
- <Current directory>\bMsI.exe
- <Current directory>\XAAW.ico
- <Current directory>\noUQ.exe
- <Current directory>\TIow.ico
- <Current directory>\eYos.exe
- <Current directory>\IMQm.ico
- <Current directory>\dcws.exe
- <Current directory>\VsAa.exe
- <Current directory>\IsoQ.exe
- <Current directory>\JkgE.ico
- <Current directory>\JQso.exe
- <Current directory>\uggU.ico
- <Current directory>\ngUM.exe
- <Current directory>\JwoO.ico
- <Current directory>\RAUG.exe
- <Current directory>\sUEM.ico
- <Current directory>\UcMw.exe
- <Current directory>\qkkq.ico
- <Current directory>\jsIc.exe
- <Current directory>\CwQI.ico
- <Current directory>\AYIU.exe
- <Current directory>\iUwo.ico
- <Current directory>\QEYE.exe
- <Current directory>\TwIs.ico
- <Current directory>\mgoI.ico
- <Current directory>\TYgk.ico
- <Current directory>\yQou.exe
- <Current directory>\XYMK.ico
- <Current directory>\tYQO.exe
- <Current directory>\YIMw.ico
- <Current directory>\HAkY.exe
- <Current directory>\pwQc.ico
- <Current directory>\QYok.exe
- <Current directory>\wgcK.ico
- <Current directory>\CskS.exe
- <Current directory>\oMcE.ico
- <Current directory>\qYUq.exe
- <Current directory>\KQww.ico
- <Current directory>\mAUm.exe
- <Current directory>\eQQG.ico
- <Current directory>\pYgs.exe
- <Current directory>\Cgok.ico
- <Current directory>\VkYe.ico
- <Current directory>\bUsI.ico
- <Current directory>\UsgI.exe
- <Current directory>\EYgC.ico
- <Current directory>\uAgO.exe
- <Current directory>\qAkC.ico
- <Current directory>\yAQo.exe
- <Current directory>\LYsc.ico
- <Current directory>\ZUUQ.exe
- <Current directory>\FQAa.ico
- <Current directory>\nEso.exe
- <Current directory>\iwMo.ico
- <Current directory>\KgIe.exe
- <Current directory>\PYkY.ico
- <Current directory>\cYwG.exe
- <Current directory>\lwsO.ico
- <Current directory>\vcwK.exe
- <Current directory>\AMgC.exe
- <Current directory>\mkoq.exe
- <Current directory>\ugke.ico
- <Current directory>\MYMg.exe
- <Current directory>\kAsM.ico
- <Current directory>\uEUq.exe
- <Current directory>\pgkK.ico
- <Current directory>\dgYe.exe
- <Current directory>\HQYC.ico
- from C:\RCX5D.tmp to <Current directory>\cUce.exe
- from C:\RCX5C.tmp to <Current directory>\kQMs.exe
- from C:\RCX5F.tmp to <Current directory>\uQYS.exe
- from C:\RCX5E.tmp to <Current directory>\gAkg.exe
- from C:\RCX59.tmp to <Current directory>\TEIY.exe
- from C:\RCX58.tmp to <Current directory>\QIAY.exe
- from C:\RCX5B.tmp to <Current directory>\MAII.exe
- from C:\RCX5A.tmp to <Current directory>\HwAC.exe
- from C:\RCX60.tmp to <Current directory>\nEMo.exe
- from C:\RCX66.tmp to <Current directory>\xgEM.exe
- from C:\RCX65.tmp to <Current directory>\HgEu.exe
- from C:\RCX68.tmp to <Current directory>\EEQg.exe
- from C:\RCX67.tmp to <Current directory>\oYkK.exe
- from C:\RCX62.tmp to <Current directory>\PcIu.exe
- from C:\RCX61.tmp to <Current directory>\PAgG.exe
- from C:\RCX64.tmp to <Current directory>\MIwk.exe
- from C:\RCX63.tmp to <Current directory>\eEcq.exe
- from C:\RCX4C.tmp to <Current directory>\EYUU.exe
- from C:\RCX4B.tmp to <Current directory>\wgQa.exe
- from C:\RCX4E.tmp to <Current directory>\oAkE.exe
- from C:\RCX4D.tmp to <Current directory>\xsIG.exe
- from C:\RCX48.tmp to <Current directory>\zcAq.exe
- from C:\RCX47.tmp to <Current directory>\lwEU.exe
- from C:\RCX4A.tmp to <Current directory>\fYoE.exe
- from C:\RCX49.tmp to <Current directory>\IQYA.exe
- from C:\RCX4F.tmp to <Current directory>\IEcU.exe
- from C:\RCX55.tmp to <Current directory>\eIwY.exe
- from C:\RCX54.tmp to <Current directory>\KUMa.exe
- from C:\RCX57.tmp to <Current directory>\wQkq.exe
- from C:\RCX56.tmp to <Current directory>\isYw.exe
- from C:\RCX51.tmp to <Current directory>\Iwse.exe
- from C:\RCX50.tmp to <Current directory>\ncgk.exe
- from C:\RCX53.tmp to <Current directory>\WIQg.exe
- from C:\RCX52.tmp to <Current directory>\eUIO.exe
- from C:\RCX69.tmp to <Current directory>\UYcc.exe
- from C:\RCX80.tmp to <Current directory>\xYMm.exe
- from C:\RCX7F.tmp to <Current directory>\Ewwg.exe
- from C:\RCX82.tmp to <Current directory>\kMsG.exe
- from C:\RCX81.tmp to <Current directory>\tocI.exe
- from C:\RCX7C.tmp to <Current directory>\cMEg.exe
- from C:\RCX7B.tmp to <Current directory>\IIUq.exe
- from C:\RCX7E.tmp to <Current directory>\IEwC.exe
- from C:\RCX7D.tmp to <Current directory>\AAkC.exe
- from C:\RCX83.tmp to <Current directory>\OYsW.exe
- from C:\RCX89.tmp to <Current directory>\GsYY.exe
- from C:\RCX88.tmp to <Current directory>\MYcs.exe
- from C:\RCX8B.tmp to <Current directory>\dooc.exe
- from C:\RCX8A.tmp to <Current directory>\VwgC.exe
- from C:\RCX85.tmp to <Current directory>\nkce.exe
- from C:\RCX84.tmp to <Current directory>\YAcI.exe
- from C:\RCX87.tmp to <Current directory>\OwkG.exe
- from C:\RCX86.tmp to <Current directory>\IUIi.exe
- from C:\RCX6F.tmp to <Current directory>\BccU.exe
- from C:\RCX6E.tmp to <Current directory>\GgMA.exe
- from C:\RCX71.tmp to <Current directory>\uQEm.exe
- from C:\RCX70.tmp to <Current directory>\FkAy.exe
- from C:\RCX6B.tmp to <Current directory>\mAEY.exe
- from C:\RCX6A.tmp to <Current directory>\TAwo.exe
- from C:\RCX6D.tmp to <Current directory>\pMUs.exe
- from C:\RCX6C.tmp to <Current directory>\vIMm.exe
- from C:\RCX72.tmp to <Current directory>\ZUMi.exe
- from C:\RCX78.tmp to <Current directory>\WgUi.exe
- from C:\RCX77.tmp to <Current directory>\cYwG.exe
- from C:\RCX7A.tmp to <Current directory>\eAwY.exe
- from C:\RCX79.tmp to <Current directory>\JQQM.exe
- from C:\RCX74.tmp to <Current directory>\RIYU.exe
- from C:\RCX73.tmp to <Current directory>\OsEa.exe
- from C:\RCX76.tmp to <Current directory>\rYkw.exe
- from C:\RCX75.tmp to <Current directory>\dMsI.exe
- from C:\RCX46.tmp to <Current directory>\pMcQ.exe
- from C:\RCX17.tmp to <Current directory>\PQIa.exe
- from C:\RCX16.tmp to <Current directory>\tsIM.exe
- from C:\RCX19.tmp to <Current directory>\iYQC.exe
- from C:\RCX18.tmp to <Current directory>\UwsG.exe
- from C:\RCX13.tmp to <Current directory>\XAsG.exe
- from C:\RCX12.tmp to <Current directory>\OwkA.exe
- from C:\RCX15.tmp to <Current directory>\bAIm.exe
- from C:\RCX14.tmp to <Current directory>\HoEY.exe
- from C:\RCX1A.tmp to <Current directory>\uIoK.exe
- from C:\RCX20.tmp to <Current directory>\NYEA.exe
- from C:\RCX1F.tmp to <Current directory>\iYsg.exe
- from C:\RCX22.tmp to <Current directory>\SAMW.exe
- from C:\RCX21.tmp to <Current directory>\nsks.exe
- from C:\RCX1C.tmp to <Current directory>\ZosG.exe
- from C:\RCX1B.tmp to <Current directory>\nMsK.exe
- from C:\RCX1E.tmp to <Current directory>\iAAW.exe
- from C:\RCX1D.tmp to <Current directory>\lwsy.exe
- from C:\RCX6.tmp to <Current directory>\UIMU.exe
- from C:\RCX5.tmp to <Current directory>\MUMA.exe
- from C:\RCX8.tmp to <Current directory>\bEkQ.exe
- from C:\RCX7.tmp to <Current directory>\TEQK.exe
- from C:\RCX2.tmp to <Current directory>\tgcw.exe
- from C:\RCX1.tmp to <Current directory>\vAAs.exe
- from C:\RCX4.tmp to <Current directory>\eQMa.exe
- from C:\RCX3.tmp to <Current directory>\yIEC.exe
- from C:\RCX9.tmp to <Current directory>\CokK.exe
- from C:\RCXF.tmp to <Current directory>\jAAA.exe
- from C:\RCXE.tmp to <Current directory>\IgYW.exe
- from C:\RCX11.tmp to <Current directory>\uUkq.exe
- from C:\RCX10.tmp to <Current directory>\vUoq.exe
- from C:\RCXB.tmp to <Current directory>\qcgw.exe
- from C:\RCXA.tmp to <Current directory>\GAQW.exe
- from C:\RCXD.tmp to <Current directory>\ZEAw.exe
- from C:\RCXC.tmp to <Current directory>\QMUu.exe
- from C:\RCX23.tmp to <Current directory>\rsAk.exe
- from C:\RCX3A.tmp to <Current directory>\noUQ.exe
- from C:\RCX39.tmp to <Current directory>\VsAa.exe
- from C:\RCX3C.tmp to <Current directory>\dcws.exe
- from C:\RCX3B.tmp to <Current directory>\bMsI.exe
- from C:\RCX36.tmp to <Current directory>\IsoQ.exe
- from C:\RCX35.tmp to <Current directory>\JQso.exe
- from C:\RCX38.tmp to <Current directory>\ngUM.exe
- from C:\RCX37.tmp to <Current directory>\RAUG.exe
- from C:\RCX3D.tmp to <Current directory>\eYos.exe
- from C:\RCX43.tmp to <Current directory>\UcMw.exe
- from C:\RCX42.tmp to <Current directory>\jsIc.exe
- from C:\RCX45.tmp to <Current directory>\AYIU.exe
- from C:\RCX44.tmp to <Current directory>\QEYE.exe
- from C:\RCX3F.tmp to <Current directory>\yQou.exe
- from C:\RCX3E.tmp to <Current directory>\tYQO.exe
- from C:\RCX41.tmp to <Current directory>\HAkY.exe
- from C:\RCX40.tmp to <Current directory>\QYok.exe
- from C:\RCX29.tmp to <Current directory>\CskS.exe
- from C:\RCX28.tmp to <Current directory>\qYUq.exe
- from C:\RCX2B.tmp to <Current directory>\mAUm.exe
- from C:\RCX2A.tmp to <Current directory>\pYgs.exe
- from C:\RCX25.tmp to <Current directory>\UsgI.exe
- from C:\RCX24.tmp to <Current directory>\uAgO.exe
- from C:\RCX27.tmp to <Current directory>\yAQo.exe
- from C:\RCX26.tmp to <Current directory>\ZUUQ.exe
- from C:\RCX2C.tmp to <Current directory>\MYMg.exe
- from C:\RCX32.tmp to <Current directory>\nEso.exe
- from C:\RCX31.tmp to <Current directory>\KgIe.exe
- from C:\RCX34.tmp to <Current directory>\cYwG.exe
- from C:\RCX33.tmp to <Current directory>\vcwK.exe
- from C:\RCX2E.tmp to <Current directory>\dgYe.exe
- from C:\RCX2D.tmp to <Current directory>\mkoq.exe
- from C:\RCX30.tmp to <Current directory>\AMgC.exe
- from C:\RCX2F.tmp to <Current directory>\uEUq.exe
- '19#.#86.45.170':9999
- '74.##5.232.51':80
- '20#.#7.164.69':9999
- '20#.#19.204.12':9999
- 74.##5.232.51/
- DNS ASK google.com
- ClassName: '' WindowName: 'Open'
- ClassName: '' WindowName: 'Run'
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: 'WorkerW' WindowName: ''
- ClassName: 'DV2ControlHost' WindowName: ''
- ClassName: 'BUTTON' WindowName: 'START'
- ClassName: 'ConsoleWindowClass' WindowName: ''
- ClassName: '' WindowName: 'mywMQEoQ'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: 'Windows Internet Explorer'
- ClassName: '' WindowName: 'Open File'