Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe %WINDIR%\Winxp.dll MyEntryPoint
- <SYSTEM32>\svchost.exe -k netsvcs
- <SYSTEM32>\rundll32.exe %TEMP%\116015_res.tmp hello
- 360tray.exe
- <DRIVERS>\winsawids.sys
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\o[1].jpg
- %TEMP%\116015_res.tmp
- %WINDIR%\Winxp.dll
- %WINDIR%\Winxp.dll
- 'www.jj##zmj.cn':80
- 'localhost':1037
- 'w.##-uc.cn':80
- www.jj##zmj.cn/o.jpg
- w.##-uc.cn/getmac.jsp?x=#######################
- DNS ASK www.jj##zmj.cn
- DNS ASK w.##-uc.cn