Техническая информация
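Автозапуск (записи в разделе реестра Run и ярлык в папке «Автозагрузка»); имя «Google Update» имитирует легитимный компонент, тогда как путь указывает на исполняемый файл в %APPDATA%:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Google Update' = '%APPDATA%\wqrrbi.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Google Update' = '"%APPDATA%\wqrrbi.exe"'
- %HOMEPATH%\Start Menu\Programs\Startup\Google Update.lnk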
- '%APPDATA%\wqrrbi.exe'
- '<SYSTEM32>\ping.exe' -n 5 -w 1000 127.0.0.1 (обращение к локальному адресу; вероятно, используется как задержка на несколько секунд)
- Idle
- %APPDATA%\wqrrbi.exe
- %APPDATA%\wqrrbi.exe
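Сетевая активность (символы «##» в имени домена, по-видимому, скрывают его часть, поэтому индикатор неполный):
- 'sf##43.biz':80
- http://sf##43.biz/np/gate.php
- DNS ASK sf##43.biz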
- ClassName: 'Indicator' WindowName: ''