Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Adobe Updater Startup Utility' = '%HOMEPATH%\AdobeChecker.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Adobe Updater' = '%HOMEPATH%\AdobeRTM.exe'
- %HOMEPATH%\Rar.exe e "%HOMEPATH%\pub.rar" -p1nterfer0n "%HOMEPATH%\"
- %HOMEPATH%\CertMgr.exe -add -c "%HOMEPATH%\sert.cer" -s -r localMachine root
- %HOMEPATH%\CertMgr.exe
- %HOMEPATH%\Rar.exe
- %HOMEPATH%\sert.cer
- %HOMEPATH%\rates.pdf
- %HOMEPATH%\AdobeRTM.exe
- %HOMEPATH%\Rar.exe
- %HOMEPATH%\CertMgr.exe
- %HOMEPATH%\sert.cer
- %HOMEPATH%\AdobeRTM.exe
- %HOMEPATH%\rates.pdf
- %HOMEPATH%\Rar.exe
- %HOMEPATH%\CertMgr.exe
- %HOMEPATH%\sert.cer
- '94.##0.191.201':25
- 'sm##.qip.ru':25
- 'www.am##on.com':80
- www.am##on.com/
- DNS ASK sm##.mail.ru
- DNS ASK www.tm##.net
- DNS ASK www.am##on.com
- DNS ASK sm##.qip.ru
- ClassName: 'Indicator' WindowName: ''