Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{82481678-8D55-B4B3-F3F4-D7C470B30B32}] 'stubpath' = ''
- <SYSTEM32>\ping.exe -n 2 0.0.0.0
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen "%TEMP%\22338_100696509965503_100000754636948_19410_3950858_n.jpg"
- %WINDIR%\Explorer.EXE
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- %APPDATA%\addons.dat
- <SYSTEM32>\AppPatch\AcAdproc.dll
- %TEMP%\server.exe
- %TEMP%\22338_100696509965503_100000754636948_19410_3950858_n.jpg
- %APPDATA%\addons.dat
- <SYSTEM32>\AppPatch\AcAdproc.dll
- %TEMP%\server.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''
- ClassName: '' WindowName: 'The Wireshark Nf?work Analyzer'