Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{2BF41072-B2B1-21C1-B5C1-0305F415CJSH}' = ''
- <SYSTEM32>\cmd.exe /c %TEMP%\$$cmd.bat
- %WINDIR%\Explorer.EXE
- %TEMP%\$$cmd.bat
- <SYSTEM32>\ole64_32.dll
- ClassName: 'CJSH WndClass' WindowName: ''