Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Sxikihuvuw' = 'rundll32.exe "%WINDIR%\iadfsti.dll",Startup'
- <LS_APPDATA>\114594.exe
- <LS_APPDATA>\114593.exe
- <SYSTEM32>\rundll32.exe "%WINDIR%\iadfsti.dll",iep
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\fklgu.bat" "
- <SYSTEM32>\rundll32.exe "%WINDIR%\iadfsti.dll",Startup
- %WINDIR%\iadfsti.dll
- %APPDATA%\fklgu.bat
- <LS_APPDATA>\114593.exe
- <LS_APPDATA>\114594.exe
- <LS_APPDATA>\114594.exe
- 'localhost':1035
- ClassName: 'Indicator' WindowName: ''