Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\9DdgiZWn] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k 9DdgiZWn
- %CommonProgramFiles%\Microsoft Shared\MSInfo\7SWYDF.hix
- <SYSTEM32>\config\SysEvent.Evt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\7SWYDF.hix
- 'qw####3.codns.com':14600
- DNS ASK qw####3.codns.com