Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'msconfig' = '<SYSTEM32>\msconfig.exe /system32 /NvMcTray'
- %TEMP%\aute5fb.tmp
- %WINDIR%\iefxz.dll
- %TEMP%\aute5fb.tmp
- '%WINDIR%\syswow64\regsvr32.exe' /s %WINDIR%\IEFXZ.dll