Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\klan] 'Start' = '00000002'
- %TEMP%\YLOG.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ggb[1].txt
- <DRIVERS>\klan.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ggb[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ggb[1].txt
- %TEMP%\YLOG.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ggb[1].txt
- 'www.ip###ugou.com':80
- 'ip####.poloi999.cn':80
- 'localhost':1037
- www.ip###ugou.com/bbs/ggb.txt
- ip####.poloi999.cn/bbs/ggb.txt
- DNS ASK www.ip###ugou.com
- DNS ASK ip####.poloi999.cn