Technical Information
- [<HKLM>\System\CurrentControlSet\Services\fcppae] 'Start' = '00000000'
- [<HKLM>\System\CurrentControlSet\Services\fcppae] 'ImagePath' = 'system32\drivers\zwxjui.sys'
- 'fcppae' <DRIVERS>\zwxjui.sys
- %APPDATA%\microsoft\internet explorer\quick launch\æô¶¯ internet explorer ä¯à à æ÷.lnk
- %HOMEPATH%\favorites\Гøö·µ¼º½.url
- %WINDIR%\syswow64\usfq.dll
- %WINDIR%\syswow64\drivers\zwxjui.sys
- %WINDIR%\syswow64\74g2zf.bat
- nul
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\74G2zf.bat' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c <SYSTEM32>\74G2zf.bat
- '%WINDIR%\syswow64\ping.exe' -n 3 127.0.0.1