Техническая информация
- '<SYSTEM32>\cmd.exe' /c <SYSTEM32>\Dell.bat
- '<SYSTEM32>\svchost.exe'
- '<SYSTEM32>\secpol.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\update[1].htm
- <SYSTEM32>\Dell.bat
- <SYSTEM32>\secpol.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\update[1].htm
- <SYSTEM32>\secpol.exe в <SYSTEM32>\secpol.exe.tmp
- <SYSTEM32>\secpol.exe
- 'up####.cn911.org':80
- '74.##5.232.51':80
- http://up####.cn911.org/update.htm
- http://www.google.com/ via 74.##5.232.51
- DNS ASK up####.cn911.org
- DNS ASK www.google.com