Техническая информация
- [<HKLM>\SOFTWARE\Classes\FileOpenerPro\shell\open\command] '' = '"%PROGRAM_FILES%\FileOpenerPro\FileOpenerPro.exe" "%1"'
- %PROGRAM_FILES%\FileOpenerPro\uninstall.exe
- %TEMP%\install.log
- <LS_APPDATA>\ApplicationHistory\<Имя вируса>.exe.bf81a5f0.ini
- %PROGRAM_FILES%\FileOpenerPro\settings.txt
- %PROGRAM_FILES%\FileOpenerPro\FileOpenerPro.exe
- %PROGRAM_FILES%\FileOpenerPro\AxSHDocVw.dll
- %PROGRAM_FILES%\FileOpenerPro\SHDocVw.dll
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.2844.108531
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\security.config.cch.2844.108468
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch в %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\enterprisesec.config.cch.2844.108531
- %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\security.config.cch в %WINDIR%\Microsoft.NET\Framework\v1.1.4322\CONFIG\security.config.cch.2844.108468
- 'im##############y-1085035873.us-east-1.elb.amazonaws.com':80
- im##############y-1085035873.us-east-1.elb.amazonaws.com/impression.do/?ev###########################################################
- DNS ASK im##############y-1085035873.us-east-1.elb.amazonaws.com