Technical Information
- Autorun registry value (RunOnce key): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'h2d0mq.exe' = '<SYSTEM32>\h2d0mq.exe'
- regsvr32 command lines (/s = silent, /u = unregister; only the 5c09.dll call lacks /u, so it registers that DLL):
- '<SYSTEM32>\regsvr32.exe' /s /u %WINDIR%\regsvrac32.dll
- '<SYSTEM32>\regsvr32.exe' /s /u %TEMP%\regsvrac32.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\5c09.dll
- '<SYSTEM32>\regsvr32.exe' /s /u <SYSTEM32>\regsvrac32.dll
- '<SYSTEM32>\regsvr32.exe' /s /u <SYSTEM32>\BrowserHelper.dll
- '<SYSTEM32>\regsvr32.exe' /s /u %WINDIR%\BrowserHelper.dll
- '<SYSTEM32>\regsvr32.exe' /s /u %TEMP%\BrowserHelper.dll
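- File paths (the action taken on each file is not stated in this excerpt; h2d0mq.exe and 5c09.dll are the same files named in the RunOnce value and the regsvr32 registration):
- %WINDIR%\d800.sys
- %TEMP%\d800.sys
- <SYSTEM32>\d800.sys
- <SYSTEM32>\h2d0mq.exe
- <SYSTEM32>\5c09.dll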