Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Tcpz-x86] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\WamiSvc] 'Start' = '00000002'
- <SYSTEM32>\tcpwamilib.exe
- <SYSTEM32>\ping.exe -n 2 127.0.0.1
- C:\Tcpz-x86.sys
- <SYSTEM32>\tcpwamilib.exe
- <SYSTEM32>\tcpwamilib.exe
- C:\Tcpz-x86.sys
- 'ne#.#ajaca.com':80
- 'us###.to.jajaca.com':21
- ne#.#ajaca.com/it.asp?in########
- DNS ASK ne#.#ajaca.com
- DNS ASK us###.to.jajaca.com
- DNS ASK www.google.com