Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\koltyduyiu] 'Start' = '00000002'
- <SYSTEM32>\xkjtks.exe
- C:\Documents and Settings\sdf.exe
- C:\Documents and Settings\usha.exe
- <SYSTEM32>\xkjtks.exe
- C:\Documents and Settings\sdf.exe
- C:\Documents and Settings\usha.exe
- C:\Documents and Settings\usha.exe
- '67.##5.160.76':80
- 'www.fa###ook.com':80
- 'www.ta##ao.com':80
- '74.##5.232.51':80
- 'www.na##r.com':80
- 'bl##.#ina.com.cn':80
- '20#.#6.232.182':80
- 67.##5.160.76/
- www.fa###ook.com/
- www.ta##ao.com/
- 74.##5.232.51/
- www.na##r.com/
- bl##.#ina.com.cn/s/blog_ae895bda01018jdz.html
- 20#.#6.232.182/
- DNS ASK www.ya##o.com
- DNS ASK www.fa###ook.com
- DNS ASK www.ta##ao.com
- DNS ASK www.google.com
- DNS ASK www.na##r.com
- DNS ASK bl##.#ina.com.cn
- DNS ASK www.microsoft.com