Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Run' = '"%APPDATA%\Adobe\Manager.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- '%TEMP%\Setup.exe'
- '%TEMP%\20.6237.exe'
- %CommonProgramFiles%\Adobe\caps\caps.db-journal
- %CommonProgramFiles%\Adobe\caps\caps.db
- %CommonProgramFiles%\Adobe\backup\caps.db
- %TEMP%\Ahmbed
- %TEMP%\20.6237.exe
- %TEMP%\Setup.exe
- %APPDATA%\Adobe\Manager.exe
- %TEMP%\Ahmbed
- %CommonProgramFiles%\Adobe\caps\caps.db-journal
- 'hq###tube08.com':80
- 'localhost':1038
- 'wp#d':80
- wp#d/wpad.dat
- DNS ASK hq###tube08.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: '(null)'