Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'dbMouselog' = 'rundll32.exe "<LS_APPDATA>\UtilEventCmds\dbMouselog.dll",AcroPadmon SecurityGL90'
- <SYSTEM32>\rundll32.exe "<LS_APPDATA>\UtilEventCmds\dbMouselog.dll",AcroPadmon SecurityGL90
- <SYSTEM32>\rundll32.exe ""%TEMP%\SysAuthentication80.dll"", AcroPadmon CRLPathserv
- <LS_APPDATA>\UtilEventCmds\dbMouselog.dll
- %TEMP%\SysAuthentication80.dll
- %TEMP%\SysAuthentication80.dll
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'sysobjxx' WindowName: ''