Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'QuickMainext' = 'rundll32.exe "<LS_APPDATA>\DirectPaddlg\QuickMainext.dll",AgereMainPort kbdUserVdm'
- <SYSTEM32>\rundll32.exe "<LS_APPDATA>\DirectPaddlg\QuickMainext.dll",AgereMainPort kbdUserVdm
- <SYSTEM32>\rundll32.exe ""%TEMP%\mciMaplink.dll"", AgereMainPort BluetoothPathNotifier
- %TEMP%\~GLH0000.TMP
- %TEMP%\GLG5.tmp
- <LS_APPDATA>\DirectPaddlg\QuickMainext.dll
- %TEMP%\mciMaplink.dll
- %TEMP%\nsc2.tmp\NSISdl.dll
- %TEMP%\outlook-connector-for-mdaemon-2.2.7.exe
- %TEMP%\outlook-connector-for-mdaemon-2.2.7.log
- %TEMP%\GLC3.tmp
- %TEMP%\nsc2.tmp\NSISdl.dll
- %TEMP%\mciMaplink.dll
- 'st##rs.info':80
- st##rs.info/st/stin.php?sf################################################
- DNS ASK st##rs.info
- '<IP-адрес в локальной сети>':1033
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'BthWI32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''