Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'DfMarshal' = '{99e245b9-edf3-4b3b-9009-45e29a471c09}'
- %TEMP%\tweet-adder-1.0.90701.exe
- <SYSTEM32>\regsvr32.exe /s %TEMP%\windll.dll
- <SYSTEM32>\msiexec.exe -Embedding 7638C0B6DB0F1B52894E56290EA48186 C
- <SYSTEM32>\msiexec.exe
- <SYSTEM32>\msiexec.exe /V
- %TEMP%\windll.dll
- %TEMP%\20a37.msi
- %CommonProgramFiles%\DfMarshal\DfMarshal.dll
- %TEMP%\MSI3.tmp
- %APPDATA%\Tweet Adder\install\disk1.cab
- %TEMP%\nsh2.tmp\NSISdl.dll
- %TEMP%\tweet-adder-1.0.90701.exe
- %APPDATA%\Tweet Adder\install\tweetadder.msi
- %TEMP%\tweet-adder-1.0.90701.log
- %TEMP%\MSI3.tmp
- %TEMP%\nsh2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- '20#.#26.167.92':80
- 20#.#26.167.92/update/check_d.php?tn######################
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''