Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'QQNetBar' = '%TEMP%\ImageCtrl\QQNetBar.exe -auto_start -hide'
- %TEMP%\autb5c7.tmp
- %TEMP%\imagectrl\wxmsw28u_gcc_cb.dll
- %TEMP%\autb919.tmp
- %TEMP%\imagectrl\ui.dat
- %TEMP%\autb82e.tmp
- %TEMP%\imagectrl\qqwb_protect.exe
- %TEMP%\autb772.tmp
- %TEMP%\imagectrl\qqnetbar.ini
- %TEMP%\autb771.tmp
- %TEMP%\imagectrl\qqnetbar.exe
- %TEMP%\autb751.tmp
- %TEMP%\imagectrl\profile.ini
- %TEMP%\autb740.tmp
- %TEMP%\imagectrl\msvcr100.dll
- %TEMP%\autb6e2.tmp
- %TEMP%\imagectrl\msvcp100.dll
- %TEMP%\autb6c2.tmp
- %TEMP%\imagectrl\common.dll
- %TEMP%\autb959.tmp
- %TEMP%\imagectrl\log\qqnetbar.log
- %TEMP%\autb5c7.tmp
- %TEMP%\autb6c2.tmp
- %TEMP%\autb6e2.tmp
- %TEMP%\autb740.tmp
- %TEMP%\autb751.tmp
- %TEMP%\autb771.tmp
- %TEMP%\autb772.tmp
- %TEMP%\autb82e.tmp
- %TEMP%\autb919.tmp
- %TEMP%\autb959.tmp
- '22#.#87.223.80':11111
- 'rp####a.wb.qq.com':80
- http://rp####a.wb.qq.com/data
- '22#.#87.223.80':11111
- DNS ASK rp####a.wb.qq.com
- ClassName: 'CTXOPConntion_Class' WindowName: ''
- '%TEMP%\imagectrl\qqnetbar.exe'
- '%TEMP%\imagectrl\qqwb_protect.exe'
- '%TEMP%\imagectrl\qqwb_protect.exe' ' (со скрытым окном)
- '%WINDIR%\explorer.exe' /e,%TEMP%\ImageCtrl\qqwb_protect.exe