Technical Information
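- Note on the four registry entries below: together they form a per-user .exe file-association hijack. The `.exe` extension is mapped to the `ntdriver` ProgID, whose open command is sidebar2.exe, so any executable this user launches through the shell runs sidebar2.exe first, with the original path passed as "%1". Entries under HKCU\Software\Classes take precedence over the machine-wide association and can be written without administrator rights, so a `.exe` key in this hive is worth checking during triage.
- [<HKCU>\Software\Classes\ntdriver\shell\open\command] '' = '"%APPDATA%\Microsoft\SysWOW_x86_64\sidebar2.exe" /START "%1" %*'
- [<HKCU>\Software\Classes\.exe] '' = 'ntdriver'
- [<HKCU>\Software\Classes\.exe] 'Content-Type' = 'application/x-msdownload'
- [<HKCU>\Software\Classes\.exe\shell\open\command] '' = '"%APPDATA%\Microsoft\SysWOW_x86_64\sidebar2.exe" /START "%1" %*'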
- %APPDATA%\microsoft\syswow_x86_64\cygwin32\nthserv.exe
- %APPDATA%\microsoft\syswow_x86_64\sidebar2.exe
- mailslot\889ad32ed40b51203b2765b8cf7d65bb
- %APPDATA%\microsoft\syswow_x86_64\sidebar2.exe
- DNS ASK mv###.zapto.org
- '%APPDATA%\microsoft\syswow_x86_64\sidebar2.exe' /START "%APPDATA%\Microsoft\SysWOW_x86_64\sidebar2.exe"
- '%APPDATA%\microsoft\syswow_x86_64\sidebar2.exe'