Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Rsoeio oymegcmk] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Rsoeio oymegcmk] 'ImagePath' = '%ProgramFiles(x86)%\Microsoft Yimucs\Goiqgci.exe'
- %ProgramFiles(x86)%\microsoft yimucs\goiqgci.exe
- %ProgramFiles(x86)%\microsoft yimucs\goiqgci.exe
- from <Full path to file> to %WINDIR%\syswow64\1057593.bak
- '43.##6.36.41':2132
- '%ProgramFiles(x86)%\microsoft yimucs\goiqgci.exe'
- '%ProgramFiles(x86)%\microsoft yimucs\goiqgci.exe' Win7