Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{621A56D8B0-ARE2IL-A0YE1-NTDJ4-RQRF07I4J980}] 'StubPath' = 'sysver.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe syschost.exe s'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{631355B4E1-KAC2IL-O4KGD-S16T4-TQEC10D1O702}] 'StubPath' = 'sysver.exe'
- Диспетчера задач (Taskmgr)
- Редактора реестра (RegEdit)
- <SYSTEM32>\syschost.exe s
- %WINDIR%\sysver.exe s
- [<HKCU>\Software\Yahoo\Pager]
- %WINDIR%\sysver.exe
- <SYSTEM32>\syschost.exe
- %WINDIR%\sysver.exe
- <SYSTEM32>\syschost.exe