Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\rawip] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\CrtCvc] 'Start' = '00000002'
- %WINDIR%\svchost.exe
- <DRIVERS>\RawIPHlp.sys
- %WINDIR%\svchost.exe
- 'www.go##le.ru':80
- 'ca###book.com':7012
- 'fr###mway.com':7012
- 'ap#.##pmania.com':80
- 'sp####estfmt.com':80
- 'am###water.com':7012
- sp####estfmt.com/1_MB.BIN
- ap#.##pmania.com/
- DNS ASK www.go##le.ru
- DNS ASK ca###book.com
- DNS ASK fr###mway.com
- DNS ASK ap#.##pmania.com
- DNS ASK sp####estfmt.com
- DNS ASK am###water.com