Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\esgrcy] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\esgrcy] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\esgrcy] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k esgrcy
- <SYSTEM32>\wqvhph.dll
- <SYSTEM32>\0005a125.ini