Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\svchest133122] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe /k netsvcs
- %CommonProgramFiles%\Hiv.ini
- %CommonProgramFiles%\svchest133122.TMP
- %CommonProgramFiles%\svchest133122.TMP
- %CommonProgramFiles%\Hiv.ini
- 'ja####9.gnway.net':80
- DNS ASK ja####9.gnway.net