Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\zJwiCKbSfz8] 'Start' = '00000002'
- %TEMP%\1bed8.tmp
- <DRIVERS>\zJwiCKbSfz8.sys
- %TEMP%\1b774.tmp
- %TEMP%\1bb9b.tmp
- %TEMP%\1bed8.tmp
- <DRIVERS>\zJwiCKbSfz8.sys
- %TEMP%\1b774.tmp
- %TEMP%\1bb9b.tmp
- 'hi.##idu.com':80
- hi.##idu.com/yu20/blog/item/f5aef8de0cba6340ccbf1a9c.html
- DNS ASK hi.##idu.com
- ClassName: 'Shell_TrayWnd' WindowName: ''