Техническая информация
- [<HKLM>\SOFTWARE\Classes\txtfile\shell\open\command] '' = '<SYSTEM32>\dllcache\notepad.exe %1'
- [<HKCU>\Control Panel\Desktop] 'SCRNSAVE.EXE' = '<SYSTEM32>\Default.scr'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Intel Audio Driver' = '<SYSTEM32>\config\lsass.exe'
- <SYSTEM32>\dllcache\notepad.exe
- <SYSTEM32>\config\lsass.exe
- ClassName: 'AVP.MainWindow' WindowName: ''
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'DisallowRun' = '1'
- <SYSTEM32>\config\Cache\Dasktop.ini
- <SYSTEM32>\Default.scr
- <SYSTEM32>\config\lsass.exe
- <SYSTEM32>\config\lsass.exe
- ClassName: 'PROCEXPL' WindowName: ''
- ClassName: 'AnVirMainFrame' WindowName: ''
- ClassName: 'MainWind' WindowName: ''
- ClassName: 'Autoruns' WindowName: ''
- ClassName: '' WindowName: 'avast! Antivirus Setup'
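- ClassName: '' WindowName: '???????????? ??????? AVZ' (по-видимому, кириллические символы заголовка окна потеряны при перекодировке; знаки «?» не следует использовать как буквальное значение при поиске)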