Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\winrar] 'Start' = '00000002'
- Подменяет файл <SYSTEM32>\dllcache\dsound.dll файлом <SYSTEM32>\dllcache\dsound.dll
- '%TEMP%\svchost.exe'
- '%TEMP%\spoolsv.exe'
- '%TEMP%\黄色电影.exe'
- '%TEMP%\蝙蝠侠.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\deltemp.bat" "
- '<SYSTEM32>\regsvr32.exe' "%WINDIR%\UoDo\game.dll" /s
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\uninstal.bat
- %WINDIR%\system\TIM5.DRV
- %TEMP%\TIM5.tmp
- %TEMP%\nsu4.tmp
- %WINDIR%\UoDo\game.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bianfx[1]
- %TEMP%\deltemp.bat
- %WINDIR%\dsound.dll
- %WINDIR%\uninstal.bat
- %TEMP%\蝙蝠侠.exe
- %TEMP%\黄色电影.exe
- %TEMP%\svchost.exe
- %TEMP%\6.exe
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\spoolsv.exe
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\spoolsv.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bianfx[1]
- %TEMP%\TIM5.tmp
- %TEMP%\蝙蝠侠.exe
- %TEMP%\黄色电影.exe
- %TEMP%\6.exe
- <SYSTEM32>\dsound.dll в <SYSTEM32>\dsound.dll.bak
- <SYSTEM32>\dllcache\dsound.dll в <SYSTEM32>\dllcache\dsound.dll.bak
- 'www.bi##fx.tk':80
- www.bi##fx.tk/
- DNS ASK www.bi##fx.tk
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'