Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrveup.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemujsij.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxwbij.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemeqcgd.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxqyyr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqempyvhx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemezrxm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhmjgm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkioce.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfjomq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvdwkz.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnccgj.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemxqnow.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfdkgp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemelbpw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnxnnl.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhnjjh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsnzjr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemuejqv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemyozeu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemghhco.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdzufm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqembmcin.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemydgkd.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnfxhp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqenqk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdbowi.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemnfmep.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemeptsk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtbtit.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwkazq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrrsmq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemucory.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtonoo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtllok.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemwfqfw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtkzyu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemorawp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdrwmw.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjsifx.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdyzol.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemjeanm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgzjsy.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtinkb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvzibl.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemggwjt.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemprwmr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemmfvbl.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemdqbxh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemspqqa.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemhejyq.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemcfprg.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrkhxp.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfuefa.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemrypcb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgwpgu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemvaixs.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkmhii.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemyyetm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemfgbjm.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemacdto.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemppuci.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemufbib.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemsybbv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemskozk.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemtyhsh.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemidskr.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemopqwo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemypeze.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemypydo.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkszdb.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemkwvtv.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemgiihu.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%TEMP%\Sysqemqxkpw.exe'
- '%TEMP%\Sysqemrveup.exe'
- '%TEMP%\Sysqemujsij.exe'
- '%TEMP%\Sysqemxwbij.exe'
- '%TEMP%\Sysqemeqcgd.exe'
- '%TEMP%\Sysqemxqyyr.exe'
- '%TEMP%\Sysqempyvhx.exe'
- '%TEMP%\Sysqemezrxm.exe'
- '%TEMP%\Sysqemhmjgm.exe'
- '%TEMP%\Sysqemkioce.exe'
- '%TEMP%\Sysqemfjomq.exe'
- '%TEMP%\Sysqemvdwkz.exe'
- '%TEMP%\Sysqemnccgj.exe'
- '%TEMP%\Sysqemxqnow.exe'
- '%TEMP%\Sysqemfdkgp.exe'
- '%TEMP%\Sysqemelbpw.exe'
- '%TEMP%\Sysqemnxnnl.exe'
- '%TEMP%\Sysqemhnjjh.exe'
- '%TEMP%\Sysqemsnzjr.exe'
- '%TEMP%\Sysqemuejqv.exe'
- '%TEMP%\Sysqemyozeu.exe'
- '%TEMP%\Sysqemghhco.exe'
- '%TEMP%\Sysqemdzufm.exe'
- '%TEMP%\Sysqembmcin.exe'
- '%TEMP%\Sysqemydgkd.exe'
- '%TEMP%\Sysqemnfxhp.exe'
- '%TEMP%\Sysqemqenqk.exe'
- '%TEMP%\Sysqemdbowi.exe'
- '%TEMP%\Sysqemnfmep.exe'
- '%TEMP%\Sysqemeptsk.exe'
- '%TEMP%\Sysqemtbtit.exe'
- '%TEMP%\Sysqemwkazq.exe'
- '%TEMP%\Sysqemrrsmq.exe'
- '%TEMP%\Sysqemucory.exe'
- '%TEMP%\Sysqemtonoo.exe'
- '%TEMP%\Sysqemtllok.exe'
- '%TEMP%\Sysqemwfqfw.exe'
- '%TEMP%\Sysqemtkzyu.exe'
- '%TEMP%\Sysqemorawp.exe'
- '%TEMP%\Sysqemdrwmw.exe'
- '%TEMP%\Sysqemjsifx.exe'
- '%TEMP%\Sysqemdyzol.exe'
- '%TEMP%\Sysqemjeanm.exe'
- '%TEMP%\Sysqemgzjsy.exe'
- '%TEMP%\Sysqemtinkb.exe'
- '%TEMP%\Sysqemvzibl.exe'
- '%TEMP%\Sysqemggwjt.exe'
- '%TEMP%\Sysqemprwmr.exe'
- '%TEMP%\Sysqemmfvbl.exe'
- '%TEMP%\Sysqemdqbxh.exe'
- '%TEMP%\Sysqemspqqa.exe'
- '%TEMP%\Sysqemhejyq.exe'
- '%TEMP%\Sysqemcfprg.exe'
- '%TEMP%\Sysqemrkhxp.exe'
- '%TEMP%\Sysqemfuefa.exe'
- '%TEMP%\Sysqemrypcb.exe'
- '%TEMP%\Sysqemgwpgu.exe'
- '%TEMP%\Sysqemvaixs.exe'
- '%TEMP%\Sysqemkmhii.exe'
- '%TEMP%\Sysqemyyetm.exe'
- '%TEMP%\Sysqemfgbjm.exe'
- '%TEMP%\Sysqemacdto.exe'
- '%TEMP%\Sysqemppuci.exe'
- '%TEMP%\Sysqemufbib.exe'
- '%TEMP%\Sysqemsybbv.exe'
- '%TEMP%\Sysqemskozk.exe'
- '%TEMP%\Sysqemtyhsh.exe'
- '%TEMP%\Sysqemidskr.exe'
- '%TEMP%\Sysqemopqwo.exe'
- '%TEMP%\Sysqemypeze.exe'
- '%TEMP%\Sysqemypydo.exe'
- '%TEMP%\Sysqemkszdb.exe'
- '%TEMP%\Sysqemkwvtv.exe'
- '%TEMP%\Sysqemgiihu.exe'
- '%TEMP%\Sysqemqxkpw.exe'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\Sysqemrveup.exe
- %TEMP%\Sysqemujsij.exe
- %TEMP%\Sysqemxwbij.exe
- %TEMP%\Sysqemeqcgd.exe
- %TEMP%\Sysqemxqyyr.exe
- %TEMP%\Sysqempyvhx.exe
- %TEMP%\Sysqemezrxm.exe
- %TEMP%\Sysqemhmjgm.exe
- %TEMP%\Sysqemkioce.exe
- %TEMP%\Sysqemnxnnl.exe
- %TEMP%\Sysqemxqnow.exe
- %TEMP%\Sysqemfjomq.exe
- %TEMP%\Sysqemufbib.exe
- %TEMP%\Sysqemnccgj.exe
- %TEMP%\Sysqemvdwkz.exe
- %TEMP%\Sysqemsnzjr.exe
- %TEMP%\Sysqemelbpw.exe
- %TEMP%\Sysqemfdkgp.exe
- %TEMP%\Sysqemhnjjh.exe
- %TEMP%\Sysqemyozeu.exe
- %TEMP%\Sysqemghhco.exe
- %TEMP%\Sysqemdzufm.exe
- %TEMP%\Sysqembmcin.exe
- %TEMP%\Sysqemydgkd.exe
- %TEMP%\Sysqemnfxhp.exe
- %TEMP%\Sysqemqenqk.exe
- %TEMP%\Sysqemdbowi.exe
- %TEMP%\Sysqemnfmep.exe
- %TEMP%\Sysqemtllok.exe
- %TEMP%\Sysqemrrsmq.exe
- %TEMP%\Sysqemeptsk.exe
- %TEMP%\Sysqemuejqv.exe
- %TEMP%\Sysqemwkazq.exe
- %TEMP%\Sysqemtbtit.exe
- %TEMP%\Sysqemtkzyu.exe
- %TEMP%\Sysqemtonoo.exe
- %TEMP%\Sysqemucory.exe
- %TEMP%\Sysqemwfqfw.exe
- %TEMP%\Sysqemdyzol.exe
- %TEMP%\Sysqemorawp.exe
- %TEMP%\Sysqemrkhxp.exe
- %TEMP%\Sysqemjsifx.exe
- %TEMP%\Sysqemdrwmw.exe
- %TEMP%\Sysqemggwjt.exe
- %TEMP%\Sysqemgzjsy.exe
- %TEMP%\Sysqemjeanm.exe
- %TEMP%\Sysqemvzibl.exe
- %TEMP%\Sysqemcfprg.exe
- %TEMP%\Sysqemdqbxh.exe
- %TEMP%\Sysqemspqqa.exe
- %TEMP%\qpath.ini
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemprwmr.exe
- %TEMP%\Sysqemfuefa.exe
- %TEMP%\Sysqemrypcb.exe
- %TEMP%\Sysqemmfvbl.exe
- %TEMP%\Sysqemhejyq.exe
- %TEMP%\Sysqemfgbjm.exe
- %TEMP%\Sysqemvaixs.exe
- %TEMP%\Sysqemkwvtv.exe
- %TEMP%\Sysqemyyetm.exe
- %TEMP%\Sysqemkmhii.exe
- %TEMP%\Sysqemskozk.exe
- %TEMP%\Sysqemppuci.exe
- %TEMP%\Sysqemacdto.exe
- %TEMP%\Sysqemsybbv.exe
- %TEMP%\Sysqemkszdb.exe
- %TEMP%\Sysqemopqwo.exe
- %TEMP%\Sysqemypeze.exe
- %TEMP%\Sysqemtinkb.exe
- %TEMP%\Sysqemgwpgu.exe
- %TEMP%\Sysqemtyhsh.exe
- %TEMP%\Sysqemgiihu.exe
- %TEMP%\Sysqemqxkpw.exe
- %TEMP%\Sysqemidskr.exe
- %TEMP%\Sysqemypydo.exe
- %TEMP%\Sysqemrveup.exe
- %TEMP%\Sysqemujsij.exe
- %TEMP%\Sysqemxwbij.exe
- %TEMP%\Sysqemeqcgd.exe
- %TEMP%\Sysqemxqyyr.exe
- %TEMP%\Sysqempyvhx.exe
- %TEMP%\Sysqemezrxm.exe
- %TEMP%\Sysqemhmjgm.exe
- %TEMP%\Sysqemkioce.exe
- %TEMP%\Sysqemfjomq.exe
- %TEMP%\Sysqemvdwkz.exe
- %TEMP%\Sysqemnccgj.exe
- %TEMP%\Sysqemxqnow.exe
- %TEMP%\Sysqemfdkgp.exe
- %TEMP%\Sysqemelbpw.exe
- %TEMP%\Sysqemnxnnl.exe
- %TEMP%\Sysqemhnjjh.exe
- %TEMP%\Sysqemsnzjr.exe
- %TEMP%\Sysqemuejqv.exe
- %TEMP%\Sysqemyozeu.exe
- %TEMP%\Sysqemghhco.exe
- %TEMP%\Sysqemdzufm.exe
- %TEMP%\Sysqembmcin.exe
- %TEMP%\Sysqemydgkd.exe
- %TEMP%\Sysqemnfxhp.exe
- %TEMP%\Sysqemqenqk.exe
- %TEMP%\Sysqemdbowi.exe
- %TEMP%\Sysqemnfmep.exe
- %TEMP%\Sysqemeptsk.exe
- %TEMP%\Sysqemtbtit.exe
- %TEMP%\Sysqemwkazq.exe
- %TEMP%\Sysqemrrsmq.exe
- %TEMP%\Sysqemucory.exe
- %TEMP%\Sysqemtonoo.exe
- %TEMP%\Sysqemtllok.exe
- %TEMP%\Sysqemwfqfw.exe
- %TEMP%\Sysqemtkzyu.exe
- %TEMP%\Sysqemufbib.exe
- %TEMP%\Sysqemdyzol.exe
- %TEMP%\Sysqemorawp.exe
- %TEMP%\Sysqemrkhxp.exe
- %TEMP%\Sysqemjsifx.exe
- %TEMP%\Sysqemdrwmw.exe
- %TEMP%\Sysqemggwjt.exe
- %TEMP%\Sysqemgzjsy.exe
- %TEMP%\Sysqemjeanm.exe
- %TEMP%\Sysqemvzibl.exe
- %TEMP%\Sysqemspqqa.exe
- %TEMP%\Sysqemprwmr.exe
- %TEMP%\Sysqemdqbxh.exe
- %TEMP%\Sysqamqqvaqqd.exe
- %TEMP%\Sysqemmfvbl.exe
- %TEMP%\Sysqemrypcb.exe
- %TEMP%\Sysqemcfprg.exe
- %TEMP%\Sysqemhejyq.exe
- %TEMP%\Sysqemfuefa.exe
- %TEMP%\Sysqemtinkb.exe
- %TEMP%\Sysqemfgbjm.exe
- %TEMP%\Sysqemvaixs.exe
- %TEMP%\Sysqemkwvtv.exe
- %TEMP%\Sysqemyyetm.exe
- %TEMP%\Sysqemkmhii.exe
- %TEMP%\Sysqemskozk.exe
- %TEMP%\Sysqemppuci.exe
- %TEMP%\Sysqemacdto.exe
- %TEMP%\Sysqemsybbv.exe
- %TEMP%\Sysqemypeze.exe
- %TEMP%\Sysqemtyhsh.exe
- %TEMP%\Sysqemgwpgu.exe
- %TEMP%\Sysqemopqwo.exe
- %TEMP%\Sysqemidskr.exe
- %TEMP%\Sysqemqxkpw.exe
- %TEMP%\Sysqemkszdb.exe
- %TEMP%\Sysqemypydo.exe
- %TEMP%\Sysqemgiihu.exe