Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\MessageService] 'Start' = '00000002'
- <SYSTEM32>\MsServices\Reg.exe
- %TEMP%\service_lina_ruanzhong.exe
- %TEMP%\bizA.exe
- <SYSTEM32>\regsvr32.exe <DRIVERS>\spoolsv.dll /s
- <SYSTEM32>\MsServices\MsService.dll
- <SYSTEM32>\MsServices\Reg.exe
- %TEMP%\nsf5.tmp
- <SYSTEM32>\MsServices\OldUnReg.dll
- %WINDIR%\inf\Services.ini
- <SYSTEM32>\MsServices\unreg1.dll
- <SYSTEM32>\MsServices\svchost.dll
- %TEMP%\service_lina_ruanzhong.exe
- %TEMP%\bizA.exe
- %TEMP%\nsw2.tmp
- <DRIVERS>\System.ini
- <DRIVERS>\WEBDLL.DLL
- <DRIVERS>\spoolsv.dll
- <DRIVERS>\HttpReq.dll
- %TEMP%\service_lina_ruanzhong.exe
- %TEMP%\bizA.exe