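Техническая информация
Примечание: подзаголовки разделов в этом фрагменте, по-видимому, не сохранились. По содержанию записей ниже перечислены изменения в реестре (в том числе ключ автозапуска Run), пути к файлам, запускаемые командные строки и параметры окон (ClassName/WindowName). Файл svchost.exe здесь расположен в C:\Download\JPty\, а не в <SYSTEM32>, а параметр автозапуска '360Safeyh' по имени похож на компонент защитного ПО; оба признака пригодны для обнаружения.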
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{3FDEB171-8F86-0022-1B01-69B8DB553683}' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360Safeyh' = 'C:\Download\JPty\svchost.exe'
- C:\Download\JPty\svchost.exe
- C:\system1.exe
- <SYSTEM32>\cmd.exe /c c:\aa.bat
- %WINDIR%\explorer.exe
- <SYSTEM32>\cmd.exe /c C:\aar.bat
- C:\aar.bat
- <SYSTEM32>\jHYrbty2.dll
- C:\Download\JPty\svchost.exe
- C:\aa.bat
- C:\system1.exe
- C:\system1.exe
- ClassName: 'Edit' WindowName: 'JpTYZL'
- ClassName: '' WindowName: ''
- ClassName: 'Edit' WindowName: 'JPtyMM'
- ClassName: 'Edit' WindowName: 'JPty'