Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\????] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\????] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\PStorage] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\????] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k PStorage
- <SYSTEM32>\ysejdw.dll
- <SYSTEM32>\0005758a.ini
- 'any':0
- 'qw####qt.gicp.net':8080
- DNS ASK qw####qt.gicp.net