Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHckx32] 'Start' = '00000002' (значение Start = 2 означает автоматический запуск службы при загрузке системы)
- %TEMP%\秒领NBA会员.exe
- <SYSTEM32>\WinHrbg32.exe
- %TEMP%\DS_Server.exe
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\WinHrbg32.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\getimage[1].448064062840628
- %TEMP%\DS_Server.exe
- %TEMP%\秒领NBA会员.exe
- <SYSTEM32>\WinHrbg32.exe
- %TEMP%\DS_Server.exe
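- 'cg#.#ppx.qq.com':80 (символы '#' здесь и ниже, по-видимому, скрывают часть адреса; в таком виде записи не подходят для точного сопоставления)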
- '42.##4.96.245':8000
- 'ca###ha.qq.com':80
- 'www.ip##8.com':80
- cg#.#ppx.qq.com/cgi/qqweb/weather/wth/weather.do?re############################
- www.ip##8.com/ips1388.asp
- ca###ha.qq.com/getimage?ai###########################
- DNS ASK cg#.#ppx.qq.com
- DNS ASK www.ip##8.com
- DNS ASK ca###ha.qq.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''