Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'appEvent90' = 'rundll32.exe "<LS_APPDATA>\lanapiTrust\appEvent90.dll",d3dapi32 ieUserCmds'
- <SYSTEM32>\rundll32.exe "<LS_APPDATA>\lanapiTrust\appEvent90.dll",d3dapi32 ieUserCmds
- <SYSTEM32>\rundll32.exe "%TEMP%\Syncmap.NET.dll", d3dapi32 AppEventcdrom
- <LS_APPDATA>\lanapiTrust\appEvent90.dll
- %TEMP%\Syncmap.NET.dll
- %TEMP%\nsi2.tmp
- %TEMP%\Syncmap.NET.dll
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Quickapidrv' WindowName: ''