Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Wsfixr htpiiaku] 'Start' = '00000002'
- '%PROGRAM_FILES%\Microsoft Ytwxsv\Dfpfxfz.exe'
- '<SYSTEM32>\wscript.exe' "C:\7010.vbs"
- C:\7010.vbs
- %PROGRAM_FILES%\Microsoft Ytwxsv\Dfpfxfz.exe
- C:\7010.vbs
- 'www.xu##kai.cn':2014
- DNS ASK www.xu##kai.cn