Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Pml Driver HPZl2jrq] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k netsvcs
- %WINDIR%\XHJ38.reg
- %TEMP%\XX118421nd.temp
- %WINDIR%\MyInformations.ini
- %WINDIR%\XHJ38.txt
- %WINDIR%\MyInformations.ini
- %WINDIR%\XHJ38.reg
- %WINDIR%\XHJ38.txt
- 'to####.twbbs.org':808
- DNS ASK to####.twbbs.org