Техническая информация
- Записи автозапуска в реестре (обе ссылаются на один и тот же CLSID; объекты из этих разделов загружает оболочка Explorer):
  - [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'DCOM Server 25319' = '{2C1CD3D7-86AC-4068-93BC-A02304B25319}'
  - [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{2C1CD3D7-86AC-4068-93BC-A02304B25319}' = 'DCOM Server 25319'
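- Запуск процесса: <SYSTEM32>\rundll32.exe "<SYSTEM32>\itqgug.dll",run (библиотека загружается штатной утилитой rundll32.exe с вызовом экспортируемой функции run)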
- Файл в системном каталоге: <SYSTEM32>\itqgug.dll (та же библиотека, что указана в командной строке rundll32.exe)
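- Сетевой адрес и порт: '65.##1.175.129':25319 (часть адреса, по-видимому, скрыта символами «##» в исходном отчёте; номер порта совпадает с числом в имени значения реестра 'DCOM Server 25319')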