Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.exe] 'Debugger' = '%SystemRoot%\System32\CodeByGT.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe] 'Debugger' = '%SystemRoot%\System32\CodeByGT.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe] 'Debugger' = '%SystemRoot%\System32\CodeByGT.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe] 'Debugger' = '%SystemRoot%\System32\CodeByGT.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kav32.exe] 'Debugger' = '%SystemRoot%\System32\CodeByGT.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe] 'Debugger' = '%SystemRoot%\System32\CodeByGT.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\FTP] 'Start' = '00000002'