Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\P9JniMZh\Parameters] 'ServiceDll' = '%CommonProgramFiles%\Microsoft Shared\MSInfo\\fgkUTF.hix'
- [<HKLM>\SYSTEM\ControlSet001\Services\P9JniMZh] 'ImagePath' = '<SYSTEM32>\svchost.exe -k P9JniMZh'
- [<HKLM>\SYSTEM\ControlSet001\Services\P9JniMZh] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k P9JniMZh
- %CommonProgramFiles%\Microsoft Shared\MSInfo\fgkUTF.hix
- <SYSTEM32>\config\SysEvent.Evt
- %CommonProgramFiles%\Microsoft Shared\MSInfo\fgkUTF.hix
- %CommonProgramFiles%\Microsoft Shared\MSInfo\fgkUTF.hix
- 'aa####.codns.com':14600
- DNS ASK aa####.codns.com