Техническая информация
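- [<HKLM>\SYSTEM\ControlSet001\Services\ad6670a27c746eb] 'ImagePath' = '<DRIVERS>\ad6670a27c746eb.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\ad6670a27c746eb] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\syshost32] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\21fe2] 'Start' = '00000001'
Пояснение: параметр 'Start' задаёт тип запуска службы или драйвера: 0 — загрузка на этапе начальной загрузки ОС (boot), 1 — при инициализации ядра (system), 2 — автоматический запуск диспетчером служб при старте системы. Все три записи обеспечивают запуск при каждой загрузке Windows.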
- %WINDIR%\Installer\{ED0AA0C2-3575-A89A-2CA6-3AFD0C46E2BC}\syshost.exe /service
- <SYSTEM32>\services.exe
- <SYSTEM32>\lsass.exe
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\winlogon.exe
- System
- <SYSTEM32>\smss.exe
- <SYSTEM32>\csrss.exe
- <DRIVERS>\ad6670a27c746eb.sys
- %WINDIR%\pchealth\ERRORREP\UserDumps\csrss.exe.20120627-192827-00.mdmp
- %WINDIR%\Installer\{ED0AA0C2-3575-A89A-2CA6-3AFD0C46E2BC}\syshost.exe
- <DRIVERS>\21fe2.sys
- <DRIVERS>\21fe2.sys
- из <Полный путь к вирусу> в %TEMP%\633ddb7b.tmp