Техническая информация
- [<HKLM>\SOFTWARE\Classes\MSProgramGroup\Shell\Open\Command] '' = '<SYSTEM32>\grpconv.exe %1'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o'
- <SYSTEM32>\runonce.exe -r
- <SYSTEM32>\grpconv.exe -o
- <SYSTEM32>\cmd.exe /c wpcap.bat
- <SYSTEM32>\rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 %WINDIR%\ViewQQLib\wpcap.inf
- <SYSTEM32>\Packet.dll
- %WINDIR%\ViewQQLib\ViewQQ.exe
- %WINDIR%\ViewQQLib\wpcap.inf
- <SYSTEM32>\wpcap.dll
- <DRIVERS>\npf.sys
- <SYSTEM32>\pthreadVC.dll
- <SYSTEM32>\WanPacket.dll
- %WINDIR%\ViewQQLib\Packet.dll
- %WINDIR%\ViewQQLib\npf.sys
- %WINDIR%\ViewQQLib.zip
- %WINDIR%\ViewQQLib\pthreadVC.dll
- %WINDIR%\ViewQQLib\wpcap.dll
- %WINDIR%\ViewQQLib\wpcap.bat
- %WINDIR%\ViewQQLib\WanPacket.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'msctls_updown32' WindowName: ''