Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft NTFS Cache' = '<SYSTEM32>\ntfscache.exe'
- %TEMP%\UBUPDATE.EXE
- %TEMP%\CBBD.EXE
- <SYSTEM32>\ntfscache.exe
- %TEMP%\CBBD.EXE
- %TEMP%\UBUPDATE.EXE
- '17#.#27.100.233':443
- ClassName: 'Shell_TrayWnd' WindowName: ''