Техническая информация
- [<HKLM>\SOFTWARE\Classes\jpgefile\shell\open\command] '' = ''
- [<HKLM>\SOFTWARE\Classes\inffile\shell\open\command] '' = ''
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen C:\1.jpg
- '<SYSTEM32>\wscript.exe' "C:\WinGHO\jy1.vbs"
- '%WINDIR%\regedit.exe' /s "%TEMP%\HZ$D.275.703\sfx.reg"
- '<SYSTEM32>\wscript.exe' "C:\WinGHO\jpg.vbs"
- C:\WinGHO\WinGHO.vbs
- C:\1.jpg
- C:\WinGHO\q1.vbs
- C:\WinGHO\q2.vbs
- %HOMEPATH%\Recent\1.lnk
- %HOMEPATH%\Recent\Local Disk (C).lnk
- %TEMP%\HZ$D.275.703\sfx.reg
- C:\WinGHO\123.zip
- C:\WinGHO\Exmlrpc.fne
- C:\WinGHO\inst.inf
- C:\123.zip
- C:\WinGHO\dp1.fne
- C:\WinGHO\jy2.vbs
- C:\WinGHO\krnln.fnr
- C:\WinGHO\jpg.vbs
- C:\WinGHO\jy1.vbs
- C:\WinGHO\jpg.vbs
- C:\123.zip
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: '(null)'
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'