Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Alcmeter' = '%TEMP%\7p966aV03lvj209.exe'
- [<HKLM>\Software\Classes\NGOXMQSNNMNYULO\shell\open\command] '' = '%TEMP%\7p966aV03lvj209.exe'
- <Drive name for removable media>:\how to decrypt files.txt
- <Drive name for removable media>:\delete.avi
- <Drive name for removable media>:\split.avi
- <Drive name for removable media>:\dial.bmp
- <Drive name for removable media>:\toolbar.bmp
- <Drive name for removable media>:\tileimage.bmp
- <Drive name for removable media>:\coffee.bmp
- <Drive name for removable media>:\dashborder_96.bmp
- <Drive name for removable media>:\sdkfailsafeemulator.cer
- <Drive name for removable media>:\pmd.cer
- %TEMP%\clean.exe
- %TEMP%\7p966av03lvj209.exe
- %TEMP%\clean.exe
- '%TEMP%\clean.exe'