Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'uppdat' = 'C:\ProgramData\TempData\lib\uppdat\upldate.exe'
- 'C:\ProgramData\TempData\lib\uppdat\upldate.exe'
- '%TEMP%\fsguidll.exe'
- C:\ProgramData\TempData\lib\uppdat\upldate.exe
- C:\ProgramData\TempData\lib\uppdat\fslapi.dll
- C:\ProgramData\TempData\lib\uppdat\fslapi.dll.gui
- %TEMP%\fslapi.dll
- %TEMP%\fslapi.dll.gui
- %TEMP%\fsguidll.exe
- 'www.me#####iaoyiwang.com':603
- DNS ASK www.me#####iaoyiwang.com