Техническая информация
- '%TEMP%\jwxf\jwxfloader.exe'
- '<SYSTEM32>\svchost.exe' Jw_Hlj_20140417
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %TEMP%\jwxf\jw.ICO
- %HOMEPATH%\Desktop\ЅбКшѕ»Нш.lnk
- %TEMP%\jwxf\jwxfloader.exe
- %TEMP%\jwxf\mainpro.ini
- 'jw.##lan.com':1998
- 'if####.ip138.com':80
- if####.ip138.com/ic.asp
- DNS ASK jw.##lan.com
- DNS ASK if####.ip138.com
- ClassName: '#32770' WindowName: '????????'
- ClassName: 'WTWindow' WindowName: 'crnjeufu-????????'
- ClassName: '#32770' WindowName: '????????????'
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''