Техническая информация
- <SYSTEM32>\regsvr32.exe /s QMDispatch.dll
- %WINDIR%\Temp\r.bmp
- %WINDIR%\Temp\quxiao.bmp
- %WINDIR%\Temp\jujue.bmp
- <SYSTEM32>\WINIO.VXD
- <SYSTEM32>\joyp.sys
- %WINDIR%\Temp\stop.wav
- %WINDIR%\Temp\start.wav
- <SYSTEM32>\Helper.dll
- <SYSTEM32>\Winio.dll
- <SYSTEM32>\QMdispatch.dll
- %WINDIR%\Temp\start.bmp
- %WINDIR%\Temp\jsqr.bmp
- %WINDIR%\Temp\enter.bmp
- %WINDIR%\Temp\qr.bmp
- <SYSTEM32>\joyp.sys
- 'www.cy##.com':80
- www.cy##.com/download/csol.txt
- DNS ASK www.cy##.com
- ClassName: 'Shell_TrayWnd' WindowName: ''