Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AdobeUpdate] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\adobe.dll",start
- [\REGISTRY\USER\S-1-5-20_Classes\Software\Microsoft\MSNMessenger]
- [<HKCU>_Classes\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-18\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-20\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-19\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-19_Classes\Software\Microsoft\MSNMessenger]
- %APPDATA%\wmplay32.chq
- %ALLUSERSPROFILE%\Application Data\adobe.dll
- <SYSTEM32>\cmd.exe
- 'any':443
- 'up####.##ndowsautoupdate.com':443
- DNS ASK up####.##ndowsautoupdate.com
- ClassName: 'Shell_TrayWnd' WindowName: ''