Техническая информация
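- [<HKLM>\System\CurrentControlSet\Services\JX4712] 'ImagePath' = '%TEMP%\JX4712.dat'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\Driver] 'ImagePath' = 'c:\Driver.sys'
  (Both entries are service registrations. An 'ImagePath' that points into %TEMP% or directly under C:\ is unusual for a legitimate service or driver and is a useful detection signal.)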
- %WINDIR%\syswow64\cmd.exe
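- ClassName: 'Regmonclass', WindowName: '' (window class of the Sysinternals Regmon registry monitor)
- ClassName: 'Filemonclass', WindowName: '' (window class of the Sysinternals Filemon file monitor; looking up these two window classes is a common check for running analysis tools)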
- %TEMP%\jx4712.dat
- C:\adriver.dll
- C:\driver.sys
- %WINDIR%\temp\udd14f0.tmp
- C:\6.bat
- %ProgramFiles%\apppatch\netsyst87.dll
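- %TEMP%\jx4712.dat
- %WINDIR%\temp\udd14f0.tmp
  (These two paths are listed a second time; the section headings that would distinguish the two listings are missing from this page.)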
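- http://www.pf##j.cn/3.txt
- http://www.pf##j.cn/NetSyst87.dll
- DNS ASK pf##j.cn
- DNS ASK lo######t.ptlogin2.qq.com
  (The '#' characters are masking applied in the report, not part of the real host names, so these entries cannot be matched literally in block lists or log searches. "DNS ASK" denotes a DNS query for the given name.)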
- ClassName: '4823-00000029' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe'
- '%WINDIR%\syswow64\cmd.exe' /C @mode con cols=80 lines=24&COLOR
- '%WINDIR%\syswow64\mode.com' con cols=80 lines=24