Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\dbb106413611d271] 'ImagePath' = '<DRIVERS>\dbb106413611d271.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\dbb106413611d271] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\syshost32] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\20ff4] 'Start' = '00000001'
- %WINDIR%\Installer\{C7D0C167-5540-53F2-EE64-85DACDE4A451}\syshost.exe /service
- <SYSTEM32>\smss.exe
- System
- <DRIVERS>\dbb106413611d271.sys
- <DRIVERS>\20ff4.sys
- %WINDIR%\Installer\{C7D0C167-5540-53F2-EE64-85DACDE4A451}\syshost.exe
- <DRIVERS>\20ff4.sys
- из <Полный путь к вирусу> в %TEMP%\1d2f7b72.tmp