Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'KeenValue' = '%CommonProgramFiles%\KeenValue\KeenValue.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\KeenValue.lnk
- '%CommonProgramFiles%\KeenValue\keenvalue.exe'
- %CommonProgramFiles%\KeenValue\KV002.dat
- %CommonProgramFiles%\KeenValue\kv001.dat
- %CommonProgramFiles%\KeenValue\uninstall.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mgmtsvr[1].htm
- %CommonProgramFiles%\KeenValue\kv099.dat
- %CommonProgramFiles%\KeenValue\sui.exe
- %CommonProgramFiles%\KeenValue\kkv.exe
- %CommonProgramFiles%\KeenValue\keenvalue.exe
- %CommonProgramFiles%\KeenValue\IESliderWin32.dll
- %CommonProgramFiles%\KeenValue\kwm.exe
- %CommonProgramFiles%\KeenValue\kvlhookwin.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mgmtsvr[1].htm
- 'se####.keenvalue.com':80
- 'im####2.laih.com':80
- im####2.laih.com/kv/ping.html
- se####.keenvalue.com/Service/mgmtsvr.aspx
- DNS ASK se####.keenvalue.com
- DNS ASK im####2.laih.com