Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe] 'Debugger' = 'help'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360deepscan.exe] 'Debugger' = 'help'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] 'Debugger' = 'help'
- [<HKLM>\SOFTWARE\Classes\txtfile\shell\open\command] '' = '%WINDIR%\soyo.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'system' = 'explorers.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe %WINDIR%\kar32.exe'
- Task Manager (Taskmgr)
- %WINDIR%\soyo.exe
- %WINDIR%\kar32.exe
- <SYSTEM32>\cmd.exe /c c:\a.bat
- C:\a.bat
- %WINDIR%\soyo.exe
- %WINDIR%\inf\imac.inf
- %WINDIR%\kar32.exe