Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WMS] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\WMS] 'ImagePath' = '%WINDIR%\wmu\wnetmon.exe'
- [<HKLM>\SYSTEM\ControlSet002\Services\WMS] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\WMS] 'ImagePath' = '%WINDIR%\wmu\wnetmon.exe'
- %WINDIR%\wmu\wnetmon.exe
- %WINDIR%\wmu\unsecapp.exe
- %ProgramFiles%\Keygen\ImageLine\ImageLine_RSA2048_Keygen.exe
- %TEMP%\nsd2.tmp
- %TEMP%\BASSMOD.dll
- %TEMP%\bgm.xm
- %TEMP%\keygen.exe
- %TEMP%\R2RILKG2.dll
- '%ProgramFiles%\Keygen\ImageLine\ImageLine_RSA2048_Keygen.exe'
- '%TEMP%\keygen.exe'