Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{94602C15-9A4E-4C25-842A-FDF422B4556A}' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] '%WINDIR%\fonts\iwoqxbwq.dll' = '{94602C15-9A4E-4C25-842A-FDF422B4556A}'
- '<SYSTEM32>\regsvr32.exe' /s "%WINDIR%\fonts\iwoqxbwq.dll"
- Библиотека-обработчик для всех процессов: %WINDIR%\fonts\iwoqxbwq.dll
- %WINDIR%\Fonts\GB00026.nls
- %WINDIR%\Fonts\iwoqxbwq.tmp
- %WINDIR%\Fonts\iwoqxbwq.tmp в %WINDIR%\Fonts\iwoqxbwq.dll