Technical Information
- <SYSTEM32>\wbem\wmiadap.exe /R /T
- %ALLUSERSPROFILE%\Application Data\RCX2.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- %ALLUSERSPROFILE%\Application Data\wbklib.dll
- %TEMP%\e1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\getid[1].php
- %ALLUSERSPROFILE%\Application Data\wbklib.dll.dll
- %ALLUSERSPROFILE%\Application Data\wbklib.dll
- from %ALLUSERSPROFILE%\Application Data\RCX2.tmp to %ALLUSERSPROFILE%\Application Data\wbklib.dll
- from %ALLUSERSPROFILE%\Application Data\wbklib.dll to %ALLUSERSPROFILE%\Application Data\wbklib.dll.dll
- from %TEMP%\e1.tmp to %ALLUSERSPROFILE%\Application Data\wbklib.dll
- '91.##5.111.52':80
- 91.##5.111.52/getid.php?ge#############################