Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\SxmfAgD] 'Start' = '00000002'
- %WINDIR%\SVCH0ST\xhcGy.exe
- iexplore.exe
- %WINDIR%\SVCH0ST\xhcGy.exe
- %WINDIR%\windns.ini
- %WINDIR%\SVCH0ST\BpiYow.dll
- 'we####21.3322.org':2600
- DNS ASK we####21.3322.org
- ClassName: 'MS_WINHELP' WindowName: ''