Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{AE4E3268-C2D5-46C6-8394-1EA605741205}' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] '%WINDIR%\Fonts\ghmxtmpo.dll' = '{AE4E3268-C2D5-46C6-8394-1EA605741205}'
- <SYSTEM32>\regsvr32.exe /s "%WINDIR%\Fonts\ghmxtmpo.dll"
- Библиотека-обработчик для всех процессов: %WINDIR%\Fonts\ghmxtmpo.dll
- %WINDIR%\Fonts\JR27.nls
- %WINDIR%\Fonts\ghmxtmpo.tmp
- %WINDIR%\Fonts\ghmxtmpo.tmp в %WINDIR%\Fonts\ghmxtmpo.dll