Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\dowzrq] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\dowzrq] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\dowzrq] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k dowzrq
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- <SYSTEM32>\dowzrq.dll
- 'ma####ng.codns.com':1000
- DNS ASK ma####ng.codns.com
- ClassName: '18467-41' WindowName: ''