Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\MSDTCHLP] 'ImagePath' = '<Full path to file>'
- [<HKLM>\SYSTEM\ControlSet001\Services\MSDTCHLP] 'Start' = '00000002'
- <SYSTEM32>\BLOB
- C:\Documents and Settings\LocalService\Local Settings\<INETFILES>\Content.IE5\CJCTQ25G\MS[1].zip
- <Current directory>\flv1.tmp
- <Current directory>\tcpsec.dat
- <SYSTEM32>\tcpsec.dat
- <SYSTEM32>\MS.dll
- 'bl####ole.host.sk':80
- 'localhost':1037
- http://bl####ole.host.sk/sm/MS.zip
- DNS ASK bl####ole.host.sk