Техническая информация
- <SYSTEM32>\rundll32.exe "%CommonProgramFiles%\BAIDUHI\BAIDU.TMP",config
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wz[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wz[1].txt
- %CommonProgramFiles%\BAIDUHI\BAIDU.TMP
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wz[1].txt
- 'fo##ans.com':80
- fo##ans.com/wz.txt
- DNS ASK fo##ans.com