Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Mslmedia] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\Mslmedia] 'ImagePath' = 'system32\DRIVERS\Mslmedia.sys'
- %TEMP%\E_N30005\krnln.fnr
- <DRIVERS>\SET3.tmp
- %WINDIR%\inf\oem3.PNF
- %WINDIR%\inf\oem3.inf
- %TEMP%\~tmp_hl\mslmedia.sys
- %TEMP%\~tmp_hl\mslmedia.inf
- %WINDIR%\Setupsti.log
- %WINDIR%\hllog.txt
- %TEMP%\_lm_delself_.bat
- %WINDIR%\_ntdll.bak
- %TEMP%\E_N30005\dp1.fne
- %TEMP%\E_N30005\internet.fne
- %TEMP%\E_N30005\spec.fne
- %TEMP%\E_N30005\eAPI.fne
- %TEMP%\E_N30005\HtmlView.fne
- %TEMP%\E_N30005\shell.fne
- %TEMP%\E_N30005\iext.fnr
- C:\hi.exe
- <DRIVERS>\msjclock.sys
- C:\hi.exe
- %TEMP%\~tmp_hl\mslmedia.inf
- %TEMP%\~tmp_hl\mslmedia.sys
- <DRIVERS>\SET3.tmp в <DRIVERS>\Mslmedia.sys
- 'C:\hi.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\_lm_delself_.bat" "
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 2