Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\zfxfxyybihhxb] 'Start' = '00000002'
- %TEMP%\DAT1.tmp.exe
- %TEMP%\DAT1.tmp.exe --SERVICE
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\getcfg[1].htm
- %TEMP%\DAT1.tmp.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\getcfg[1].htm
- '37.#.58.201':80
- 37.#.58.201/574/getcfg.php