Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Gcwbdp Cpfssxbf Dyg] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- %PROGRAM_FILES%\Wydh\Ejsjspaks.bmp
- C:\xiaoqi.ini
- %PROGRAM_FILES%\Wydh\Ejsjspaks.bmp
- C:\xiaoqi.ini
- 'ko###.#s-a-democrat.com':1846
- DNS ASK ko###.#s-a-democrat.com