Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] 'DllName' = ''
- %PROGRAM_FILES%\eyes\.exe
- <SYSTEM32>\gpupdate.exe /force
- %PROGRAM_FILES%\eyes\.exe
- 'up####.wbwin.com':83
- DNS ASK up####.wbwin.com
- ClassName: 'Shell Embedding' WindowName: ''