Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsuzsz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhwrrt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemznmgg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfdtma.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemptnnn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemranct.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemuamvi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcocat.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjhdqn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcdtaz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtrnbq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnfscq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsmecl.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemivboj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqxtkg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfrmpk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsxpaj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemahlny.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemswvwa.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemicvlf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemomluv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemyghxw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlmdin.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemiwrke.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemimkhq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsinpm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlvqys.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemllqbp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvsigk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmalcc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembmsar.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzfjga.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrqhjz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzwmgk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmyofr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdybaw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwfgel.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwqrut.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnhjxe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemovbbp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembmghx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhbunv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrpxvq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemepmcp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemoosmj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzzkhb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhoklk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjnaln.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzpipo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvqodk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkykbw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrbwkj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemctnfc.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemealwu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemzaadt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmftrm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkzscn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemuqgxl.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemoxakk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtceij.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvinrj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwiyua.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvbuqe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvoanj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgoqbe.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemlvcof.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemiagax.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjrjqn.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembswov.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgxbzg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjgyxj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgiqqf.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgymdx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembqkhj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemygrnd.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqmyry.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemokibw.exe'
- '%TEMP%\Sysqemfdtma.exe'
- '%TEMP%\Sysqemsuzsz.exe'
- '%TEMP%\Sysqemcdtaz.exe'
- '%TEMP%\Sysqemznmgg.exe'
- '%TEMP%\Sysqemhwrrt.exe'
- '%TEMP%\Sysqemjhdqn.exe'
- '%TEMP%\Sysqemranct.exe'
- '%TEMP%\Sysqemptnnn.exe'
- '%TEMP%\Sysqemcocat.exe'
- '%TEMP%\Sysqemsxpaj.exe'
- '%TEMP%\Sysqemivboj.exe'
- '%TEMP%\Sysqemtrnbq.exe'
- '%TEMP%\Sysqemnhjxe.exe'
- '%TEMP%\Sysqemsmecl.exe'
- '%TEMP%\Sysqemnfscq.exe'
- '%TEMP%\Sysqemswvwa.exe'
- '%TEMP%\Sysqemfrmpk.exe'
- '%TEMP%\Sysqemqxtkg.exe'
- '%TEMP%\Sysqemahlny.exe'
- '%TEMP%\Sysqemlmdin.exe'
- '%TEMP%\Sysqemicvlf.exe'
- '%TEMP%\Sysqemvsigk.exe'
- '%TEMP%\Sysqemyghxw.exe'
- '%TEMP%\Sysqemomluv.exe'
- '%TEMP%\Sysqemllqbp.exe'
- '%TEMP%\Sysqemimkhq.exe'
- '%TEMP%\Sysqemiwrke.exe'
- '%TEMP%\Sysqemlvqys.exe'
- '%TEMP%\Sysqemdybaw.exe'
- '%TEMP%\Sysqemrqhjz.exe'
- '%TEMP%\Sysqemmalcc.exe'
- '%TEMP%\Sysqemuamvi.exe'
- '%TEMP%\Sysqemzfjga.exe'
- '%TEMP%\Sysqembmsar.exe'
- '%TEMP%\Sysqemwqrut.exe'
- '%TEMP%\Sysqemmyofr.exe'
- '%TEMP%\Sysqemzwmgk.exe'
- '%TEMP%\Sysqemwfgel.exe'
- '%TEMP%\Sysqemovbbp.exe'
- '%TEMP%\Sysqembmghx.exe'
- '%TEMP%\Sysqemhbunv.exe'
- '%TEMP%\Sysqemrpxvq.exe'
- '%TEMP%\Sysqemepmcp.exe'
- '%TEMP%\Sysqemoosmj.exe'
- '%TEMP%\Sysqemzzkhb.exe'
- '%TEMP%\Sysqemhoklk.exe'
- '%TEMP%\Sysqemjnaln.exe'
- '%TEMP%\Sysqemzpipo.exe'
- '%TEMP%\Sysqemvqodk.exe'
- '%TEMP%\Sysqemkykbw.exe'
- '%TEMP%\Sysqemrbwkj.exe'
- '%TEMP%\Sysqemctnfc.exe'
- '%TEMP%\Sysqemealwu.exe'
- '%TEMP%\Sysqemzaadt.exe'
- '%TEMP%\Sysqemmftrm.exe'
- '%TEMP%\Sysqemkzscn.exe'
- '%TEMP%\Sysqemuqgxl.exe'
- '%TEMP%\Sysqemoxakk.exe'
- '%TEMP%\Sysqemtceij.exe'
- '%TEMP%\Sysqemvinrj.exe'
- '%TEMP%\Sysqemwiyua.exe'
- '%TEMP%\Sysqemvbuqe.exe'
- '%TEMP%\Sysqemvoanj.exe'
- '%TEMP%\Sysqemgoqbe.exe'
- '%TEMP%\Sysqemlvcof.exe'
- '%TEMP%\Sysqemiagax.exe'
- '%TEMP%\Sysqemjrjqn.exe'
- '%TEMP%\Sysqembswov.exe'
- '%TEMP%\Sysqemgxbzg.exe'
- '%TEMP%\Sysqemjgyxj.exe'
- '%TEMP%\Sysqemgiqqf.exe'
- '%TEMP%\Sysqemgymdx.exe'
- '%TEMP%\Sysqembqkhj.exe'
- '%TEMP%\Sysqemygrnd.exe'
- '%TEMP%\Sysqemqmyry.exe'
- '%TEMP%\Sysqemokibw.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\Sysqemfdtma.exe
- %TEMP%\Sysqemsuzsz.exe
- %TEMP%\Sysqemcdtaz.exe
- %TEMP%\Sysqemznmgg.exe
- %TEMP%\Sysqemhwrrt.exe
- %TEMP%\Sysqemjhdqn.exe
- %TEMP%\Sysqemranct.exe
- %TEMP%\Sysqemptnnn.exe
- %TEMP%\Sysqemcocat.exe
- %TEMP%\Sysqemsxpaj.exe
- %TEMP%\Sysqemivboj.exe
- %TEMP%\Sysqemtrnbq.exe
- %TEMP%\Sysqemnhjxe.exe
- %TEMP%\Sysqemsmecl.exe
- %TEMP%\Sysqemnfscq.exe
- %TEMP%\Sysqemswvwa.exe
- %TEMP%\Sysqemfrmpk.exe
- %TEMP%\Sysqemqxtkg.exe
- %TEMP%\Sysqemahlny.exe
- %TEMP%\Sysqemuamvi.exe
- %TEMP%\Sysqemicvlf.exe
- %TEMP%\Sysqemomluv.exe
- %TEMP%\Sysqemyghxw.exe
- %TEMP%\Sysqemlmdin.exe
- %TEMP%\Sysqemiwrke.exe
- %TEMP%\Sysqemimkhq.exe
- %TEMP%\Sysqemsinpm.exe
- %TEMP%\Sysqemlvqys.exe
- %TEMP%\Sysqemllqbp.exe
- %TEMP%\Sysqemvsigk.exe
- %TEMP%\Sysqemmalcc.exe
- %TEMP%\Sysqembmsar.exe
- %TEMP%\Sysqemzfjga.exe
- %TEMP%\Sysqemrqhjz.exe
- %TEMP%\Sysqemzwmgk.exe
- %TEMP%\Sysqemmyofr.exe
- %TEMP%\Sysqemdybaw.exe
- %TEMP%\Sysqemwfgel.exe
- %TEMP%\Sysqemwqrut.exe
- %TEMP%\Sysqemgoqbe.exe
- %TEMP%\Sysqemhbunv.exe
- %TEMP%\Sysqemrpxvq.exe
- %TEMP%\Sysqemmftrm.exe
- %TEMP%\Sysqemzpipo.exe
- %TEMP%\Sysqemovbbp.exe
- %TEMP%\Sysqemhoklk.exe
- %TEMP%\Sysqemjnaln.exe
- %TEMP%\Sysqembmghx.exe
- %TEMP%\Sysqemepmcp.exe
- %TEMP%\Sysqemzaadt.exe
- %TEMP%\Sysqemrbwkj.exe
- %TEMP%\Sysqemctnfc.exe
- %TEMP%\qpath.ini
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemvqodk.exe
- %TEMP%\Sysqemkzscn.exe
- %TEMP%\Sysqemuqgxl.exe
- %TEMP%\Sysqemkykbw.exe
- %TEMP%\Sysqemealwu.exe
- %TEMP%\Sysqemoosmj.exe
- %TEMP%\Sysqemwiyua.exe
- %TEMP%\Sysqemoxakk.exe
- %TEMP%\Sysqemjrjqn.exe
- %TEMP%\Sysqemvinrj.exe
- %TEMP%\Sysqemtceij.exe
- %TEMP%\Sysqemiagax.exe
- %TEMP%\Sysqemvoanj.exe
- %TEMP%\Sysqemvbuqe.exe
- %TEMP%\Sysqemlvcof.exe
- %TEMP%\Sysqemygrnd.exe
- %TEMP%\Sysqemgiqqf.exe
- %TEMP%\Sysqembswov.exe
- %TEMP%\Sysqemzzkhb.exe
- %TEMP%\Sysqemjgyxj.exe
- %TEMP%\Sysqemgxbzg.exe
- %TEMP%\Sysqemokibw.exe
- %TEMP%\Sysqembqkhj.exe
- %TEMP%\Sysqemgymdx.exe
- %TEMP%\Sysqemqmyry.exe
- %TEMP%\Sysqemfdtma.exe
- %TEMP%\Sysqemsuzsz.exe
- %TEMP%\Sysqemcdtaz.exe
- %TEMP%\Sysqemznmgg.exe
- %TEMP%\Sysqemhwrrt.exe
- %TEMP%\Sysqemjhdqn.exe
- %TEMP%\Sysqemranct.exe
- %TEMP%\Sysqemptnnn.exe
- %TEMP%\Sysqemcocat.exe
- %TEMP%\Sysqemsxpaj.exe
- %TEMP%\Sysqemivboj.exe
- %TEMP%\Sysqemtrnbq.exe
- %TEMP%\Sysqemnhjxe.exe
- %TEMP%\Sysqemsmecl.exe
- %TEMP%\Sysqemnfscq.exe
- %TEMP%\Sysqemswvwa.exe
- %TEMP%\Sysqemfrmpk.exe
- %TEMP%\Sysqemqxtkg.exe
- %TEMP%\Sysqemahlny.exe
- %TEMP%\Sysqemuamvi.exe
- %TEMP%\Sysqemicvlf.exe
- %TEMP%\Sysqemomluv.exe
- %TEMP%\Sysqemyghxw.exe
- %TEMP%\Sysqemlmdin.exe
- %TEMP%\Sysqemiwrke.exe
- %TEMP%\Sysqemimkhq.exe
- %TEMP%\Sysqemsinpm.exe
- %TEMP%\Sysqemlvqys.exe
- %TEMP%\Sysqemllqbp.exe
- %TEMP%\Sysqemvsigk.exe
- %TEMP%\Sysqemmalcc.exe
- %TEMP%\Sysqembmsar.exe
- %TEMP%\Sysqemzfjga.exe
- %TEMP%\Sysqemrqhjz.exe
- %TEMP%\Sysqemzwmgk.exe
- %TEMP%\Sysqemmyofr.exe
- %TEMP%\Sysqemdybaw.exe
- %TEMP%\Sysqemwfgel.exe
- %TEMP%\Sysqemwqrut.exe
- %TEMP%\Sysqemrpxvq.exe
- %TEMP%\Sysqemovbbp.exe
- %TEMP%\Sysqemzpipo.exe
- %TEMP%\Sysqemhbunv.exe
- %TEMP%\Sysqembmghx.exe
- %TEMP%\Sysqemjnaln.exe
- %TEMP%\Sysqemoosmj.exe
- %TEMP%\Sysqemepmcp.exe
- %TEMP%\Sysqemhoklk.exe
- %TEMP%\Sysqemmftrm.exe
- %TEMP%\Sysqemctnfc.exe
- %TEMP%\Sysqemvqodk.exe
- %TEMP%\Sysqemrbwkj.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemkykbw.exe
- %TEMP%\Sysqemuqgxl.exe
- %TEMP%\Sysqemzaadt.exe
- %TEMP%\Sysqemealwu.exe
- %TEMP%\Sysqemkzscn.exe
- %TEMP%\Sysqemzzkhb.exe
- %TEMP%\Sysqemoxakk.exe
- %TEMP%\Sysqemtceij.exe
- %TEMP%\Sysqemvinrj.exe
- %TEMP%\Sysqemwiyua.exe
- %TEMP%\Sysqemvbuqe.exe
- %TEMP%\Sysqemvoanj.exe
- %TEMP%\Sysqemgoqbe.exe
- %TEMP%\Sysqemlvcof.exe
- %TEMP%\Sysqemiagax.exe
- %TEMP%\Sysqemjrjqn.exe
- %TEMP%\Sysqembswov.exe
- %TEMP%\Sysqemgxbzg.exe
- %TEMP%\Sysqemjgyxj.exe
- %TEMP%\Sysqemgiqqf.exe
- %TEMP%\Sysqemgymdx.exe
- %TEMP%\Sysqembqkhj.exe
- %TEMP%\Sysqemygrnd.exe
- %TEMP%\Sysqemqmyry.exe
- %TEMP%\Sysqemokibw.exe