Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\GEARSecurity] 'ImagePath' = '<SYSTEM32>\GEARSEC.EXE'
- [<HKLM>\SYSTEM\ControlSet001\Services\GEARSecurity] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\GEARAspiWDM] 'ImagePath' = '<DRIVERS>\GEARASPIWDM.SYS'
- <SYSTEM32>\GEARASPI.DLL
- %TEMP%\GEARAspi.dll
- %TEMP%\remideup.exe
- %WINDIR%\<Имя файла>.exe
- <SYSTEM32>\GEARSEC.EXE
- <DRIVERS>\GEARASPIWDM.SYS
- %TEMP%\iosupd.exe
- %TEMP%\GEARAspiWDM.sys
- %TEMP%\GEARAspiSys.sys
- %TEMP%\Drivers.cab
- %TEMP%\gearcdr.vxd
- %TEMP%\GEARASPI.VXD
- %TEMP%\gearsec.exe
- %TEMP%\GEARAspiWDM.sys
- %TEMP%\gearsec.exe
- %TEMP%\Drivers.cab
- %TEMP%\GEARAspi.dll