Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\jkyrpj] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\jkyrpj] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\jkyrpj] 'Start' = '00000002'
- '%CommonProgramFiles%\Microsoft Shared\MSInfo\ЅМіМІвКФДѕВн.exe'
- '<SYSTEM32>\svchost.exe' -k jkyrpj
- <SYSTEM32>\ajouoy.dll
- <SYSTEM32>\000571fe.ini
- %CommonProgramFiles%\Microsoft Shared\MSInfo\ЅМіМІвКФДѕВн.jpg
- %CommonProgramFiles%\Microsoft Shared\MSInfo\ЅМіМІвКФДѕВн.jpg в %CommonProgramFiles%\Microsoft Shared\MSInfo\ЅМіМІвКФДѕВн.exe
- 'ni######iroujia.3322.org':8000
- DNS ASK ni######iroujia.3322.org