Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Wsocka ycosyswq] 'Start' = '00000002'
- '%PROGRAM_FILES%\Microsoft Aqyoqm\Jmsrprh.exe'
- ClassName: 'RegMonClass' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- %WINDIR%\Temp\A1D8DA24.TMP
- %PROGRAM_FILES%\Microsoft Aqyoqm\Jmsrprh.exe
- 'cy####.f3322.net':8037
- DNS ASK cy####.f3322.net