Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'NativeUserdsc' = 'rundll32.exe "<LS_APPDATA>\SecurityMainCmds\NativeUserdsc.dll",d3dmapClock CRLcfgPlay'
- <SYSTEM32>\rundll32.exe "<LS_APPDATA>\SecurityMainCmds\NativeUserdsc.dll",d3dmapClock CRLcfgPlay
- <SYSTEM32>\rundll32.exe "%TEMP%\SyncapiCres.dll", d3dmapClock usbapiman
- <LS_APPDATA>\SecurityMainCmds\NativeUserdsc.dll
- %TEMP%\nso2.tmp
- %TEMP%\SyncapiCres.dll
- %TEMP%\SyncapiCres.dll
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'SecurityGLman' WindowName: ''