Technical Information
- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89932911-43dc-4bea-85d6-5f158c9da452}]
- %TEMP%\4d5202ef\ydypyl8tqbfworv.dat
- %TEMP%\4d5202ef\n4lapbnnjdtvoh.dll
- %TEMP%\4d5202ef\n4lapbnnjdtvoh.tlb
- %TEMP%\4d5202ef\n4lapbnnjdtvoh.x64.dll
- %ProgramFiles(x86)%\goisave\n4lapbnnjdtvoh.dll
- %ProgramFiles(x86)%\goisave\n4lapbnnjdtvoh.tlb
- %ProgramFiles(x86)%\goisave\n4lapbnnjdtvoh.dat
- %ProgramFiles(x86)%\goisave\n4lapbnnjdtvoh.x64.dll
- %ALLUSERSPROFILE%\goisave\ydypyl8tqbfworv.exe
- %ALLUSERSPROFILE%\goisave\ydypyl8tqbfworv.dat
- %ALLUSERSPROFILE%\d72b01536359e303\{c87834eb-a2a0-b9d4-aa9a-c263d1191051}.20230702124951
- %TEMP%\4d5202ef\ydypyl8tqbfworv.dat
- %TEMP%\4d5202ef\n4lapbnnjdtvoh.dll
- %TEMP%\4d5202ef\n4lapbnnjdtvoh.tlb
- %TEMP%\4d5202ef\n4lapbnnjdtvoh.x64.dll
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\GoiSave\n4LaPBnNjDtvOH.x64.dll"
- '<SYSTEM32>\regsvr32.exe' /s "%ProgramFiles(x86)%\GoiSave\n4LaPBnNjDtvOH.x64.dll"