Technical Information
- [<HKLM>\System\CurrentControlSet\Services\hyf55] 'ImagePath' = '%TEMP%\zPFsjTB.sys'
- 'hyf55' %TEMP%\zPFsjTB.sys
- ClassName: 'Regmonclass', WindowName: ''
- ClassName: 'Filemonclass', WindowName: ''
- %TEMP%\zpfsjtb.sys
- <Current directory>\softlic32.dll
- C:\softlick.dat
- %TEMP%\zpfsjtb.sys
- <Current directory>\softlic32.dll
- %TEMP%\zpfsjtb.sys
- 'kk.##ybox.com':80
- http://kk.##ybox.com/kss_io/io.php?v=################################################
- DNS ASK kk.##ybox.com
- ClassName: '4823-00000029' WindowName: ''
- ClassName: '18467-41' WindowName: ''