Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHsnb32] 'Start' = '00000002'
- %PROGRAM_FILES%\7rar\WinHyrw32.exe
- <SYSTEM32>\rundll32.exe newdev.dll,ClientSideInstall \\.\pipe\PNP_Device_Install_Pipe_0.{345B5D5D-A0C0-4F9D-9A4D-C68CE3429BCA}
- %PROGRAM_FILES%\7rar\WinHyrw32.exe
- 'any':0
- ClassName: 'Shell_TrayWnd' WindowName: ''