Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{E58B05EE-6CA5-42E1-A0CE-82169DDEE42C}' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] '%WINDIR%\fonts\gbhcqeev.dll' = '{E58B05EE-6CA5-42E1-A0CE-82169DDEE42C}'
- <SYSTEM32>\regsvr32.exe /s "%WINDIR%\fonts\gbhcqeev.dll"
- Библиотека-обработчик для всех процессов: %WINDIR%\fonts\gbhcqeev.dll
- %WINDIR%\Fonts\gzqqxx01.dat
- %WINDIR%\Fonts\gbhcqeev.tmp