Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'intr' = '<Полный путь к файлу>'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'intr' = '<Полный путь к файлу>'
- ClassName: 'SmartSniff', WindowName: ''
- ClassName: 'gdkWindowToplevel', WindowName: 'The Ethereal Network Analyzer'
- 'da##.net':80
- 'da##.net':443
- 'microsoft.com':80
- 'na##r.com':80
- 'na##r.com':443
- http://www.da##.net/
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://www.na##r.com/
- 'da##.net':443
- 'na##r.com':443
- DNS ASK da##.net
- DNS ASK microsoft.com
- DNS ASK na##r.com
- DNS ASK po#.###ontrollers.com
- ClassName: 'Static' WindowName: ''
- ClassName: '' WindowName: 'secret.txt - ¸Þ¸ðÀå'
- ClassName: 'PacketSnifferClass1' WindowName: ''
- ClassName: 'gdkWindowTemp' WindowName: 'wireshark.exe'