Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Mslmedia] 'Start' = '00000001' (значение 1 — SERVICE_SYSTEM_START: драйвер службы загружается при инициализации системы)
- [<HKLM>\System\CurrentControlSet\Services\Mslmedia] 'ImagePath' = 'system32\DRIVERS\Mslmedia.sys'
- %TEMP%\lmtp~\hlsys32.exe
- %TEMP%\lmtp~\hlsys64.exe
- %TEMP%\lmtp~\hlsys.dat
- %TEMP%\lmtp~\lksys.ini
- %TEMP%\batfile~.bat
- %TEMP%\~tmp_hl\mslmedia.sys
- %WINDIR%\setupsti.log
- %TEMP%\~tmp_hl\mslmedia.inf
- <DRIVERS>\setd9ec.tmp
- %WINDIR%\hllog.txt
- %WINDIR%\temp\uddde80.tmp
- %TEMP%\~tmp_hl\mslmedia.inf
- %TEMP%\~tmp_hl\mslmedia.sys
- %WINDIR%\temp\uddde80.tmp
- %TEMP%\lmtp~\hlsys64.exe
- %TEMP%\lmtp~\hlsys.dat
- %TEMP%\lmtp~\hlsys32.exe
- %TEMP%\lmtp~\lksys.ini
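- <DRIVERS>\setd9ec.tmp в <DRIVERS>\mslmedia.sys (перемещение/переименование файла; итоговое имя, по-видимому, соответствует 'ImagePath' службы Mslmedia)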
- '%TEMP%\lmtp~\hlsys64.exe' /ins
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\batfile~.bat" "' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\batfile~.bat" "