Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{29DCEB80-8BF8-FB9D-794D-38D24F702904}] 'stubpath' = '%WINDIR%\win.in\win.exe s'
- '%WINDIR%\win.in\win.exe'
- '%WINDIR%\win.in\win.exe'
- '%TEMP%\win32.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\c452cee6559c74d2660ee9815d9ca400_400x244[1].jpg
- %WINDIR%\Explorer.EXE
- %TEMP%\win32.exe
- %APPDATA%\addons.dat
- %WINDIR%\win.in\win.exe
- %TEMP%\c452cee6559c74d2660ee9815d9ca400_400x244[1].jpg.nb5.tmp
- %TEMP%\c452cee6559c74d2660ee9815d9ca400_400x244[1].jpg
- %TEMP%\win32.exe.nb5.tmp
- %APPDATA%\addons.dat
- %WINDIR%\win.in\win.exe
- %TEMP%\win32.exe.nb5.tmp
- %TEMP%\c452cee6559c74d2660ee9815d9ca400_400x244[1].jpg.nb5.tmp
- 'bi#####000.no-ip.info':81
- 'localhost':81
- DNS ASK bi#####000.no-ip.info
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''