Technical Information
- [<HKLM>\System\CurrentControlSet\Services\nqacdjkksz] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\nqacdjkksz] 'ImagePath' = '"%HOMEPATH%\gvltseawy.dat" service nqacdjkksz'
- [<HKLM>\SYSTEM\ControlSet001\Services\nqacdjkksz] 'ImagePath' = '"%HOMEPATH%\gvltseawy.dat" service nqacdjkksz'
- [<HKLM>\SYSTEM\ControlSet001\Services\nqacdjkksz] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\nqacdjkksz] 'ImagePath' = '"%HOMEPATH%\gvltseawy.dat" service nqacdjkksz'
- [<HKLM>\SYSTEM\ControlSet002\Services\nqacdjkksz] 'Start' = '00000002'
- 'nqacdjkksz' "%HOMEPATH%\gvltseawy.dat" service nqacdjkksz
- %HOMEPATH%\gvltseawy.dat
- %WINDIR%\temp\displayimage ...
- '%HOMEPATH%\gvltseawy.dat' service nqacdjkksz
- '%WINDIR%\temp\displayimage ...' daemon 1800 3366636 38
- '%WINDIR%\temp\displayimage ...' hatchery
- '%WINDIR%\temp\displayimage ...' guardian 1372
- '%WINDIR%\temp\displayimage ...' minion