Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AdobeFlash' = '%APPDATA%\install_flash.exe'
- User Account Control (UAC)
- '%APPDATA%\install_flash.exe'
- C:\IntelStorage\13185\Pref.dat
- C:\IntelStorage\13185\script.js
- %TEMP%\fupdate.exe
- %APPDATA%\flash.xpi
- C:\IntelStorage\13185\manifest.json
- C:\IntelStorage\13185\background.js
- %APPDATA%\install_flash.exe
- C:\IntelStorage\13185\jquery-1.9.1.min.js
- C:\IntelStorage\13185\icon.png
- %APPDATA%\install_flash.exe
- C:\IntelStorage\13185\Pref.dat
- %TEMP%\fupdate.exe
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- 'dl.#####oxusercontent.com':443
- 'ki###edya.org':80
- ki###edya.org/Crx/pref.dat
- ki###edya.org/Crx/script.js
- ki###edya.org/Crx/updateSky.exe
- ki###edya.org/Crx/flash.xpi
- ki###edya.org/Crx/icon.png
- ki###edya.org/Crx/background.js
- ki###edya.org/Crx/manifest.json
- ki###edya.org/Crx/jquery-1.9.1.min.js
- DNS ASK dl.#####oxusercontent.com
- DNS ASK ki###edya.org
- ClassName: 'Indicator' WindowName: '(null)'