Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{91B1E846-2BEF-4345-8848-7699C7C9935F}' = ''
- '<SYSTEM32>\cmd.exe' /c ""<Текущая директория>\_xr.bat" "
- <Текущая директория>\_xr.bat
- %CommonProgramFiles%\Microsoft Shared\MSInfo\SysWFGQQ2.dll
- ClassName: 'ListBox' WindowName: 'ZXY_wfgQQ'
- ClassName: 'ListBox' WindowName: 'dll_wfgQQ'