Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Adobe Reader' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\EXPLORER\RUN] 'Adobe Reader' = ''
- '<SYSTEM32>\schtasks.exe' /create /f /tn "WAN Service" /xml "%TEMP%\tmp4D64.tmp"
- '%WINDIR%\Microsoft.NET\Framework\v4.0.30319\cvtres.exe'
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader.LNK
- %APPDATA%\Roaming\Microsoft\plugin.exe
- <SYSTEM32>\Tasks\WAN Service
- %APPDATA%\Roaming\97C09787-6498-4B10-8F65-9471D842C55E\run.dat
- %TEMP%\tmp4D64.tmp
- %TEMP%\tmp4D64.tmp
- DNS ASK dn#.##ftncsi.com
- DNS ASK ba####n.duckdns.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''