Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\svngage] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\svngage] 'ImagePath' = '<DRIVERS>\svngage.exe'
- %WINDIR%\syswow64\drivers\svngage.exe
- %WINDIR%\keys.ini
- %WINDIR%\syswow64\drivers\svngage.exe в %WINDIR%\syswow64\drivers\svngage.exe231
- '%WINDIR%\syswow64\drivers\svngage.exe'
- '%WINDIR%\syswow64\werfault.exe' -u -p 2012 -s 224' (со скрытым окном)