Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\NtmsSvc] 'Start' = '00000002'
- <SYSTEM32>\ntmssvc.dll
- C:\Bullet_Log\2928.log
- C:\Bullet_Log\2924.log
- C:\Bullet_Log\2920.log
- C:\Bullet_Log\2940.log
- C:\Bullet_Log\2936.log
- C:\Bullet_Log\2932.log
- C:\Bullet_Log\2916.log
- %TEMP%\weYsyLgwskUM058C.dat
- C:\Bullet_Log\2804.log
- C:\Documents and Settings\Infortmp.txt
- C:\Bullet_Log\2912.log
- C:\Bullet_Log\2908.log
- C:\Bullet_Log\2888.log
- %TEMP%\weYsyLgwskUM058C.dat
- C:\Documents and Settings\Infortmp.txt
- '61.##2.227.23':799
- '10#.#4.177.123':50000
- 'ts.##ss520.com':799
- 'p.###456.com':74
- 'www.qv###ob5.com':799
- '11#.#38.237.222':799
- DNS ASK www.qv###ob5.com
- DNS ASK ts.##ss520.com
- DNS ASK www.ba##u.com
- DNS ASK p.###456.com