Техническая информация
- %WINDIR%\explorer.exe /e,<SYSTEM32>\bits\5678\
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\bits\rgxlzqcil.dll
- <SYSTEM32>\cacls.exe "<SYSTEM32>\bits" /t /e /g everyone:f
- %WINDIR%\d47044eeff.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Count[1].asp
- <SYSTEM32>\bits\rgxlzqcil.dll
- <SYSTEM32>\bits\5678\svchost.exe
- <SYSTEM32>\58cf18fdff.dll
- 'co###.llads.cn':80
- co###.llads.cn/IEBar/Count.asp?ac#####################################################################################################################
- DNS ASK co###.llads.cn
- DNS ASK ud#.#job123.com
- 'ud#.#job123.com':31802
- ClassName: '' WindowName: 'GINA Logon'
- ClassName: '' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''