Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\88cfa027e3307634] 'ImagePath' = '<DRIVERS>\88cfa027e3307634.sys'
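- [<HKLM>\SYSTEM\ControlSet001\Services\88cfa027e3307634] 'Start' = '00000000' (0 — boot start: драйвер загружается загрузчиком ОС)
- [<HKLM>\SYSTEM\ControlSet001\Services\syshost32] 'Start' = '00000002' (2 — auto start: служба запускается автоматически при старте системы)
- [<HKLM>\SYSTEM\ControlSet001\Services\23790] 'Start' = '00000001' (1 — system start: драйвер загружается при инициализации ядра)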
- %WINDIR%\Installer\{706E1251-6650-3C93-D470-F65BB3FB8A14}\syshost.exe /service
- <DRIVERS>\88cfa027e3307634.sys
- <DRIVERS>\23790.sys
- %WINDIR%\Installer\{706E1251-6650-3C93-D470-F65BB3FB8A14}\syshost.exe
- из <Полный путь к вирусу> в %TEMP%\e2c1ce25.tmp