Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls] 'AppSecDll' = '%PROGRAM_FILES%\NVIDIA\NIntEx.OLE'
- <SYSTEM32>\winlogon.exe
- %PROGRAM_FILES%\NVIDIA\NIntEx.OLE
- from <Full path to virus> to %TEMP%\SOFTWARE.LOG
- 'ws####4.3322.org':8000
- DNS ASK ws####4.3322.org
- ClassName: '' WindowName: 'opjkropiaeklmaieee'