Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\1390bcs] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\1390bcs] 'ImagePath' = '<DRIVERS>\1390bcs.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\offcie.NetMSSQL uls 001] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k "offcie.NetMSSQL uls 001"
- <DRIVERS>\1390bcs.sys
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\polo001[1].txt
- <SYSTEM32>\mt1ea8am.dll
- <SYSTEM32>\RCX1.tmp
- <SYSTEM32>\mt1ea8am.dll
- <SYSTEM32>\RCX1.tmp в <SYSTEM32>\mt1ea8am.dll
- '14.##6.5.163':80
- 14.##6.5.163/ip/polo001.txt