Техническая информация
- <SYSTEM32>\regsvr32.exe /s "<Текущая директория>\RzxIP.Dll"
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\rnd[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\x[1].asp
- <Текущая директория>\RzxIP.Dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\nPop[1].xml
- 'rz##.i8oo.com':80
- 'rz##.yoozo.cn':80
- 'localhost':1036
- 'rz##.#nstyle8.com':80
- rz##.yoozo.cn/x.asp?nu#####################
- rz##.i8oo.com/rnd.asp?nu####################
- rz##.#nstyle8.com/PushFile/nPop.xml?nu#####################
- DNS ASK rz##.yoozo.cn
- DNS ASK rz##.i8oo.com
- DNS ASK rz##.#nstyle8.com