Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{74b5f312-b0f6-11d0-94ab-0080c74c7e95}] 'StubPath' = '<SYSTEM32>\pubptn.vbs'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\wextract.exe
- <SYSTEM32>\ntuser.exe
- <SYSTEM32>\taskkill.exe /f /im TDDOWNLOAD.exe
- <SYSTEM32>\taskkill.exe /f /im FOUND.000.exe
- %TEMP%\JHYDRJ\EThread.fne
- <SYSTEM32>\ntuser.exe
- <SYSTEM32>\pubptn.vbs
- %TEMP%\JHYDRJ\krnln.fnr
- %TEMP%\JHYDRJ\eAPI.fne
- %TEMP%\JHYDRJ\internet.fne
- ClassName: '' WindowName: ''
- ClassName: '#32770' WindowName: '??????????????????????'