Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ialdnwxf] 'ImagePath' = '<SYSTEM32>\PerFectkKtJm.sys'
- <SYSTEM32>\PerFectkKtJm.sys
- C:\Tenparty.dat
- <SYSTEM32>\PerFectkKtJm.sys
- C:\Tenparty.dat
- C:\Tenparty.dat
- 'localhost':1036
- '41##3.com':80
- '20##a.com':80
- 'bu##g.com':80
- 'k5##.com':80
- '12#.#25.114.144':80
- '54##g.com':80
- 'cf##ori.com':80
- http://hi.##idu.com/icczz/blog/item/7b0c66258561af4e9922ed05.html via 12#.#25.114.144
- http://www.41##3.com/ via 41##3.com
- http://www.20##a.com/ via 20##a.com
- http://www.bu##g.com/02.html via bu##g.com
- http://www.k5##.com/ via k5##.com
- http://www.54##g.com/ via 54##g.com
- http://www.cf##ori.com/ via cf##ori.com
- DNS ASK www.41##3.com
- DNS ASK www.20##a.com
- DNS ASK www.bu##g.com
- DNS ASK www.k5##.com
- DNS ASK www.24##a.com
- DNS ASK hi.##idu.com
- DNS ASK www.54##g.com
- DNS ASK www.na##wg.com
- DNS ASK www.cf##ori.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''