https://www.bleepingcomputer.com/news/security/massive-400-000-proxy-botnet-built-with-stealthy-malware-infections/
AT&T recommends looking for a "Digital Pulse" executable at "%AppData%" or a similarly named Registry key on "HKCU\Software\Microsoft\Windows\CurrentVersion\Run." If any are present, the researchers recommend removing them.
The name of the scheduled task is "DigitalPulseUpdateTask" and should also be deleted to eliminate the chance of the client update mechanism re-introducing the infection.
https://www.bleepingcomputer.com/news/security/massive-400-000-proxy-botnet-built-with-stealthy-malware-infections/
AT&T recommends looking for a "Digital Pulse" executable at "%AppData%" or a similarly named Registry key on "HKCU\Software\Microsoft\Windows\CurrentVersion\Run." If any are present, the researchers recommend removing them.
The name of the scheduled task is "DigitalPulseUpdateTask" and should also be deleted to eliminate the chance of the client update mechanism re-introducing the infection.