Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{02E92FA2-FA16-4D55-A70F-BD4EF7B0A968}' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] '%WINDIR%\fonts\vykfdoun.dll' = '{02E92FA2-FA16-4D55-A70F-BD4EF7B0A968}'
- <SYSTEM32>\regsvr32.exe /s "%WINDIR%\fonts\vykfdoun.dll"
- Библиотека-обработчик для всех процессов: %WINDIR%\fonts\vykfdoun.dll
- elementclient.exe
- %WINDIR%\Fonts\gzwmgj01.dat
- %WINDIR%\Fonts\vykfdoun.tmp
- %WINDIR%\Fonts\vykfdoun.tmp в %WINDIR%\Fonts\vykfdoun.dll