Technical information
- %TEMP%\qs_f01824c0\slowpcfighter.vi.zip
- %TEMP%\qs_f01824c0\driverfighter.vi.zip
- %TEMP%\qs_f01824c0\pcoptimizerpro.vi.zip
- %TEMP%\qs_f01824c0\defaulttab.vi.zip
- %TEMP%\qs_f01824c0\autorun.txt
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEF5.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEE4.tmp
- <LS_APPDATA>Low\cookieman.exe
- %TEMP%\qs_f01824c0\ping.response.json
- %TEMP%\qs_f01824c0\petite.vi.zip
- %TEMP%\qs_f01824c0\vioplayer.vi.zip
- %TEMP%\qs_f01824c0\<Virus name>.log
- %TEMP%\qs_f01824c0\config.xml
- %TEMP%\qs_f01824c0\yahoosuite.vi.zip
- %TEMP%\qs_f01824c0\wajam.vi.zip
- %TEMP%\qs_f01824c0\wecarecleanwater.vi.zip
- %TEMP%\qs_f01824c0\yahoo_hpds.vi.zip
- %TEMP%\qs_f01824c0\arcadeparlor.vi.zip
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEE4.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEF5.tmp
- <LS_APPDATA>Low\cookieman.exe
- 'vi###aller.com':80
- 'localhost':51838
- vi###aller.com/api/productsession
- DNS ASK vi###aller.com
- ClassName: 'CicLoaderWndClass' WindowName: '(null)'