Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\FxZwgwZ15vFGFA.sbtx] 'ImagePath' = '%WINDIR%\SysWOW64\drivers\xQQZddv18FQGCZ.sbtx'
- 'FxZwgwZ15vFGFA.sbtx' %WINDIR%\SysWOW64\drivers\xQQZddv18FQGCZ.sbtx
- %WINDIR%\syswow64\drivers\xqqzddv18fqgcz.sbtx
- C:\80.txt
- C:\80.txt
- %WINDIR%\syswow64\drivers\xqqzddv18fqgcz.sbtx в %TEMP%\809957\....\temporaryfile
- 'ya###engba.cn':80
- http://www.ya###engba.cn/api.php
- DNS ASK ya###engba.cn