Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Wsckgk mgecisgc] 'ImagePath' = '%WINDIR%\Uyesfdm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Wsckgk mgecisgc] 'Start' = '00000002'
- '%WINDIR%\Uyesfdm.exe'
- '<Текущая директория>\ldyzvm.dll'
- %WINDIR%\Uyesfdm.exe
- <Текущая директория>\ldyzvm.dll
- <Текущая директория>\ldyzvm.dll
- 'as####.51vip.biz':8989
- 'ld#.#dyzz.com':80
- http://ld#.#dyzz.com/v15/yz.php
- DNS ASK as####.51vip.biz
- DNS ASK ld#.#dyzz.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''