Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SRwww] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k netsvcs
- <DRIVERS>\etc\FgQKTjrpBF.del
- <DRIVERS>\etc\EgLxdU2L.dll
- <DRIVERS>\etc\FgQKTjrpBF.ini
- <DRIVERS>\etc\FgQKTjrpBF.del
- 'pk####796.gnway.net':8800
- DNS ASK pk####796.gnway.net