Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\kjmmtu] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\kjmmtu] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\kjmmtu] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k kjmmtu
- <SYSTEM32>\szzirv.dll
- <SYSTEM32>\0004f6af.sys
- '5a##.8866.org':1080
- DNS ASK 5a##.8866.org