Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Drv_WZM] 'ImagePath' = 'C:\Drv_WZM.sys'
- 'Drv_WZM' C:\Drv_WZM.sys
- %WINDIR%\syswow64\êó±êçý¶¯.dll
- C:\drv_wzm.sys
- %WINDIR%\temp\udd784a.tmp
- %WINDIR%\taoacceleratorex64_ev.sys
- %WINDIR%\hpsocket4c.dll
- %WINDIR%\syswow64\êó±êçý¶¯.dll
- C:\drv_wzm.sys
- %WINDIR%\taoacceleratorex64_ev.sys
- %WINDIR%\hpsocket4c.dll
- %WINDIR%\temp\udd784a.tmp
- C:\drv_wzm.sys
- '10#.#4.151.104':8000
- 'ns####.netease.com':80
- http://ns####.netease.com/
- http://on###########5-211-190-199.nstool.netease.com/
- '10#.#4.151.104':8000
- DNS ASK xl##.net
- DNS ASK ns####.netease.com
- DNS ASK on###########5-211-190-199.nstool.netease.com
- '%WINDIR%\taoacceleratorex64_ev.sys'
- '%WINDIR%\syswow64\sc.exe' stop Drv_WZM' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c del TAOAcceleratorEx64_ev.sys' (со скрытым окном)
- '%WINDIR%\syswow64\sc.exe' stop Drv_WZM
- '%WINDIR%\syswow64\cmd.exe' /c del TAOAcceleratorEx64_ev.sys