Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'i18apiCmds' = 'rundll32.exe "<LS_APPDATA>\msEventppm\i18apiCmds.dll",nsobjplugin kbdcrt90'
- <SYSTEM32>\rundll32.exe "<LS_APPDATA>\msEventppm\i18apiCmds.dll",nsobjplugin kbdcrt90
- <SYSTEM32>\rundll32.exe "%TEMP%\WdmapARM.dll", nsobjplugin AppCommshid
- <LS_APPDATA>\msEventppm\i18apiCmds.dll
- %TEMP%\WdmapARM.dll
- %TEMP%\WdmapARM.dll
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'BthMapman' WindowName: ''