Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\] 'WindowsServicesUpdates32' = '%WINDIR%\75921066819724208\winzqfh.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run\] 'WindowsServicesUpdates32' = '%WINDIR%\75921066819724208\winzqfh.exe'
- %WINDIR%\75921066819724208\winzqfh.exe
- %WINDIR%\75921066819724208\winzqfh.exe
- 'mt##.##0.yahoodns.net':25
- '92.##.197.153':80
- DNS ASK ya##o.com
- DNS ASK mt##.##0.yahoodns.net
- '%WINDIR%\75921066819724208\winzqfh.exe'