Техническая информация
- %CommonProgramFiles%\NTService.exe
- %CommonProgramFiles%\NTService.exe (загружен из сети Интернет)
- <SYSTEM32>\tasklist.exe /SVC
- <SYSTEM32>\cmd.exe /c C:\Install.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\termsrvhack[1].dll
- %CommonProgramFiles%\NTService.exe
- C:\termsrvhack.dll
- C:\chongqi.bat
- C:\3389.txt
- C:\Install.bat
- C:\3389.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\NTSVC[1].ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\NTService[1].exe
- %CommonProgramFiles%\NTSVC.ocx
- 'rj.#hum.cn':80
- 'localhost':1037
- rj.#hum.cn/ww/termsrvhack.dll
- rj.#hum.cn/ww/NTService.exe
- rj.#hum.cn/ww/NTSVC.ocx
- DNS ASK rj.#hum.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''