wsock32.dll

JKE (Trojan.PSW.LMir.jke)

VC++?Aspack

IE

Mir0.dat

DLL

IE?DLL?

IEDLL

Mir0.dat

1regedit.exe

2?

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

\NOHIDDENCheckedValue2?

3?

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

\SHOWALLCheckedValue1?

1-?

2Windows?WinXP?C:\windows?Win2000?C:\WINNT?mir0.dat?

Hooks.dll?

3?Windows?System32wintemp.dll?

4?IE?iexplorer.exeIEC:\Program

Files\Internet Explorer?Wsock32.dll?Wsock32.dll.tmp)?

5?wsock32.dll?20~30KB

60~90KB

Mir0.dat?.