Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{36429484-6478-41B2-A32B-FD0B4BBF04B2}' = 'Maihook1007'
- 'C:\Documents and Settings\AVP.EXE'
- <SYSTEM32>\YJU.dll
- C:\filedebug
- C:\Documents and Settings\AVP.EXE
- ClassName: '#32770' WindowName: '????QQ????'
- ClassName: '#32770' WindowName: ''