Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Config Setup' = '%WINDIR%\jodrive32.exe'
- %WINDIR%\jodrive32.exe
- MCAGENT.EXE
- fsav32.exe
- nod32.exe
- zlclient.exe
- spidernt.exe
- GUARD.EXE
- bdss.exe
- bdagent.exe
- ClamWin.exe
- fsav.exe
- Drweb32w.exe
- %WINDIR%\jodrive32.exe
- %WINDIR%\jodrive32.exe
- 'jo####.ahrampress.net':6943
- DNS ASK jo####.ahrampress.net