Техническая информация
- '%TEMP%\setvol\sleep.exe' 30000
- '%TEMP%\setvol\AutoVolume.exe'
- '%TEMP%\setvol\Qiu.EXE' "%TEMP%\setvol\setvol.cmd"
- '<SYSTEM32>\sndvol32.exe'
- '<SYSTEM32>\taskkill.exe' /f /t /im AutoVolume.exe
- '<SYSTEM32>\cmd.exe' /c %TEMP%\setvol\setvol.cmd
- '<SYSTEM32>\taskkill.exe' /im sndvol32.exe /f
- %TEMP%\setvol\sleep.exe
- %TEMP%\E_N4\krnln.fnr
- %TEMP%\E_N4\EThread.fne
- %TEMP%\setvol\setVol.cmd
- %TEMP%\setvol\AutoVolume.exe
- %TEMP%\setvol\Qiu.EXE
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''