Техническая информация
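Автозапуск (значение в ключе Run текущего пользователя; имя значения «Dnschck» и имя файла «dsnchck.exe» не совпадают — оба приведены как в отчёте):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Dnschck' = '%APPDATA%\Roaming\Adobe\dsnchck.exe'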
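Командные строки процессов (regsvr32 с ключом /s регистрирует bho.dll без вывода сообщений, с ключами /u /s — отменяет регистрацию):
- '%APPDATA%\Roaming\Adobe\dsnchck.exe'
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\Roaming\IE\bho.dll"
- '<SYSTEM32>\regsvr32.exe' /u /s "%APPDATA%\Roaming\IE\bho.dll"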
Файлы (судя по именам — исполняемый файл, DLL для Internet Explorer и файлы расширения Firefox):
- %APPDATA%\Roaming\firefox@mozilla.com\content\settings.js
- %APPDATA%\Roaming\firefox@mozilla.com\content\overlay.xul
- %APPDATA%\Roaming\IE\settings.dat
- %APPDATA%\Roaming\IE\bho.dll
- %APPDATA%\Roaming\firefox@mozilla.com\chrome.manifest
- %APPDATA%\Roaming\Adobe\dsnchck.exe
- %APPDATA%\Roaming\firefox@mozilla.com\content\overlay.js
- %APPDATA%\Roaming\firefox@mozilla.com\install.rdf
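Сетевая активность (символы «#», по-видимому, маскируют часть имени узла и параметров запроса, поэтому строки нельзя использовать как точные индикаторы):
- 'ks#####4.kimsufi.com':80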
- ks#####4.kimsufi.com/tools/parser.php?us##########################################
- ks#####4.kimsufi.com/tools/parser.php?us####################################################################################################
- DNS ASK ks#####4.kimsufi.com
Окна (имя класса и заголовок):
- ClassName: 'Indicator' WindowName: '(null)'