Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MediaService' = '<SYSTEM32>\wmplay32.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\Windows Media.lnk
- <SYSTEM32>\wmplay32.exe
- <SYSTEM32>\sleep.exe 2
- <SYSTEM32>\taskkill.exe /im logui.exe /f
- <SYSTEM32>\taskkill.exe /im wmplay32.exe /f
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\system.bat
- <SYSTEM32>\sleep.exe
- <SYSTEM32>\system.bat
- %TEMP%\nsf2.tmp\ExecDos.dll
- <SYSTEM32>\logui2.exe
- <SYSTEM32>\settings3.bin
- <SYSTEM32>\wmplay322.exe
- ClassName: '' WindowName: ''