Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\AsyncMac] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\comint32] 'ImagePath' = '<DRIVERS>\comint32.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\MH] 'ImagePath' = '%TEMP%\tmp2.tmp'
- [<HKLM>\SYSTEM\ControlSet001\Services\AsyncMac] 'ImagePath' = 'system32\DRIVERS\comint32.sys'
- NtMapViewOfSection, handler driver: unknown
- %TEMP%\tmp1.tmp
- %TEMP%\tmp3.tmp
- <SYSTEM32>\HookHelp.sys
- C:\name.log
- C:\name.log
- %TEMP%\tmp2.tmp
- %TEMP%\tmp3.tmp to <DRIVERS>\comint32.sys
- %TEMP%\tmp1.tmp to %TEMP%\tmp2.tmp