Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Zone Labs Client' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Olepro32.dll' = '%WINDIR%\csrss.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\runservicesonce] 'Olepro32.dll' = '%WINDIR%\csrss.exe'
- '%WINDIR%\csrss.exe'
- '<SYSTEM32>\ntvdm.exe' -f -i1
- '<SYSTEM32>\regsvr32.exe' MsWinsck.ocx /s
- outpost.exe
- zapro.exe
- ZONEALARM.EXE
- AVGCTRL.EXE
- AVSYNMGR.EXE
- fsav32.exe
- %TEMP%\12608.exe
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\scs2.tmp
- <SYSTEM32>\Mswinsck.ocx
- %WINDIR%\csrss.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-c6c.c70.380001'