Техническая информация
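Записи автозапуска в реестре (значения в ключе Run раздела HKLM выполняются при входе в систему любого пользователя):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'systemlog32.exe' = '<SYSTEM32>\systemlog32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wmts' = '<SYSTEM32>\wmts.exe'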
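Запускаемые процессы и их командные строки (reg.exe с параметром /f перезаписывает значения автозапуска без запроса подтверждения; regsvr32.exe с параметром /s регистрирует компонент без вывода диалоговых окон):
- '<SYSTEM32>\wmts.exe'
- '<SYSTEM32>\reg.exe' add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v systemlog32.exe /t REG_SZ /d <SYSTEM32>\systemlog32.exe /f
- '<SYSTEM32>\reg.exe' add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v wmts /t REG_SZ /d <SYSTEM32>\wmts.exe /f
- '<SYSTEM32>\regsvr32.exe' <SYSTEM32>\mswinsck.ocx /s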
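Файлы в <SYSTEM32>, на которые ссылаются перечисленные выше записи автозапуска и команды (mswinsck.ocx по имени совпадает со штатным компонентом Microsoft Winsock Control, поэтому само по себе его наличие не является признаком заражения):
- <SYSTEM32>\wmts.exe
- <SYSTEM32>\systemlog32.exe
- <SYSTEM32>\mswinsck.ocx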
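Окно, указанное в отчёте (Shell_TrayWnd — класс окна панели задач Windows; вероятно, образец ищет это окно):
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'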