Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'dbar' = '%PROGRAM_FILES%\dbar\update.exe' (запись в ключе Run: update.exe запускается при каждом входе пользователя в систему)
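- <SYSTEM32>\regsvr32.exe /s /c "%PROGRAM_FILES%\dbar\dbar.ocx" (ключ /s — регистрация без диалоговых окон; в списке файлов ниже значится dbari.ocx, а не dbar.ocx — имена приведены как в источнике)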
- <SYSTEM32>\regsvr32.exe /s /c "%PROGRAM_FILES%\dbar\dbar.dll"
- %PROGRAM_FILES%\dbar\uninstaller.exe
- %PROGRAM_FILES%\dbar\update.exe
- %TEMP%\RGI1.tmp
- %PROGRAM_FILES%\dbar\dbari.ocx
- %TEMP%\installer.zip
- %PROGRAM_FILES%\dbar\info.dat
- %PROGRAM_FILES%\dbar\dbar.dll
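- %TEMP%\RGI1.tmp (повтор записи, приведённой выше; заголовки разделов на странице не сохранились, поэтому по списку нельзя определить, какие файлы создаются, а какие удаляются)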
- 'www.sh####ng-bags.co.kr':80 (символы '#' в адресе — маска, так в источнике; полное имя узла на странице не приведено)
- www.sh####ng-bags.co.kr/dbar/dlog.php?pg################################################################################################################################################################################################
- DNS ASK www.sh####ng-bags.co.kr
- ClassName: 'dbar Update' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''