Техническая информация
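Автозапуск: значение в ключе Run текущего пользователя, из-за которого указанный файл запускается при каждом входе этого пользователя в систему.
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'jcrun32' = '%APPDATA%\Adobe\jcrun32.exe'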
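Командные строки процессов (по-видимому, запускаемых образцом; regsvr32 с ключом /s работает без диалоговых окон, с ключом /u отменяет регистрацию библиотеки):
- '%APPDATA%\Adobe\jcrun32.exe'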
- '<SYSTEM32>\regsvr32.exe' /s "%APPDATA%\IE\bho.dll"
- '<SYSTEM32>\regsvr32.exe' /u /s "%APPDATA%\IE\bho.dll"
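Файлы в каталоге %APPDATA% (судя по именам — исполняемый файл, библиотека-надстройка для Internet Explorer и файлы расширения Firefox: install.rdf, chrome.manifest, overlay; при проверке системы стоит искать эти пути целиком):
- %APPDATA%\firefox@mozilla.com\content\settings.js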
- %APPDATA%\firefox@mozilla.com\content\overlay.xul
- %APPDATA%\IE\settings.dat
- %APPDATA%\IE\bho.dll
- %APPDATA%\firefox@mozilla.com\chrome.manifest
- %APPDATA%\Adobe\jcrun32.exe
- %APPDATA%\firefox@mozilla.com\content\overlay.js
- %APPDATA%\firefox@mozilla.com\install.rdf
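Сетевая активность: соединение с портом 80, обращения к /tools/parser.php и DNS-запрос (символы # — по-видимому, маскировка части имени узла и параметров в самом отчёте, а не буквальные значения):
- 'ks#####4.kimsufi.com':80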
- ks#####4.kimsufi.com/tools/parser.php?us##########################################
- ks#####4.kimsufi.com/tools/parser.php?us#########################################################################################
- DNS ASK ks#####4.kimsufi.com
Параметры окна (имя класса и заголовок), указанные в отчёте:
- ClassName: 'Indicator' WindowName: '(null)'