Техническая информация
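- [<HKLM>\SYSTEM\ControlSet001\Services\Windows_Optimizer] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы; так программа закрепляется в системе)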
- '%PROGRAM_FILES%\Windows Movie Maker\zcode.exe'
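- '%PROGRAM_FILES%\Windows Movie Maker\optimizer-setup.exe' /VERYSILENT /SP- (ключи установщика Inno Setup: установка без отображения окон и без начального запроса подтверждения)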
- '%TEMP%\is-NPSFF.tmp\optimizer-setup.tmp' /SL5="$400E4,1027891,54272,%PROGRAM_FILES%\Windows Movie Maker\optimizer-setup.exe" /VERYSILENT /SP-
- '%PROGRAM_FILES%\Windows Optimizer\optimizer.exe'
- '%PROGRAM_FILES%\Windows Optimizer\system_shell.exe' "reg" "mex"
- '%TEMP%\is-8NA76.tmp\<Имя вируса>.tmp' /SL5="$50036,7580265,54272,<Полный путь к вирусу>" /VERYSILENT /SP-
- '%TEMP%\is-BM7VA.tmp\<Имя вируса>.tmp' /SL5="$30092,7580265,54272,<Полный путь к вирусу>"
- '%PROGRAM_FILES%\Windows Movie Maker\optimizer-setup.exe'
- '%TEMP%\is-AGSRD.tmp\optimizer-setup.tmp' /SL5="$500DE,1027891,54272,%PROGRAM_FILES%\Windows Movie Maker\optimizer-setup.exe"
- '%PROGRAM_FILES%\Windows Movie Maker\solidloader.exe'
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\framework.ocx" (регистрация компонента framework.ocx; ключ /s подавляет диалоговые окна)
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-D1R4A.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-T9MRE.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-ID87V.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-DL8GA.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-KP2FE.tmp
- %PROGRAM_FILES%\Windows Movie Maker\MUI\0409\is-STDLU.tmp
- %ALLUSERSPROFILE%\Start Menu\Programs\Windows Movie Maker\Windows Movie Maker.lnk
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-EM9KL.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\Profiles\is-93ML0.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-MMOF0.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-RQQNN.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-A2U6G.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-JVFTN.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-OO3UG.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-3GBV4.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-ABUAI.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-6QF8L.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-A624M.tmp
- %TEMP%\is-LUJNA.tmp\_isetup\_shfoldr.dll
- %PROGRAM_FILES%\Windows Optimizer\is-5PAII.tmp
- %TEMP%\is-NPSFF.tmp\optimizer-setup.tmp
- %TEMP%\is-LUJNA.tmp\_isetup\_RegDLL.tmp
- %PROGRAM_FILES%\Windows Optimizer\is-RU0R1.tmp
- %ALLUSERSPROFILE%\Documents\Optimizer\log.ini
- %ALLUSERSPROFILE%\Documents\Optimizer\history.log
- %PROGRAM_FILES%\Windows Optimizer\is-LPC6J.tmp
- %ALLUSERSPROFILE%\Documents\Optimizer\load_config.ini
- %ALLUSERSPROFILE%\Start Menu\Programs\Windows Movie Maker\Windows Movie Maker on the Web.url
- %ALLUSERSPROFILE%\Start Menu\Programs\Windows Movie Maker\Uninstall Windows Movie Maker.lnk
- %ALLUSERSPROFILE%\Desktop\Windows Movie Maker.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Windows Movie Maker.lnk
- %PROGRAM_FILES%\Windows Movie Maker\unins000.dat
- %TEMP%\is-F3J4P.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-F3J4P.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-AGSRD.tmp\optimizer-setup.tmp
- %ALLUSERSPROFILE%\Documents\SolidLoader\load_config.ini
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-15N4A.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-OU1UT.tmp
- %APPDATA%\solidloader\is-ATQA8.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-KVIPP.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-IOAP3.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-R2IA7.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-J2FIA.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-TV59G.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-K79EA.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-3C0NU.tmp
- %TEMP%\is-KG21N.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-KG21N.tmp\itdownload.dll
- %TEMP%\is-BM7VA.tmp\<Имя вируса>.tmp
- %TEMP%\is-KG21N.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-8NA76.tmp\<Имя вируса>.tmp
- %TEMP%\is-J4K1V.tmp\itdownload.dll
- %TEMP%\is-J4K1V.tmp\check.xml
- %TEMP%\is-J4K1V.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-J4K1V.tmp\_isetup\_shfoldr.dll
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-HMNJO.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-ST1A0.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-SAH26.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-IDQ6I.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-DPAUG.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-IDLND.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-DMD0H.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-H40V6.tmp
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-GDK5R.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-6BP7S.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-IOUSB.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-L7JTK.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-JNF3K.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-381US.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-HVURG.tmp
- <SYSTEM32>\is-T9ADO.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-OPROQ.tmp
- %PROGRAM_FILES%\Windows Movie Maker\is-07OSN.tmp
- %TEMP%\is-F3J4P.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-F3J4P.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-8NA76.tmp\<Имя вируса>.tmp
- %TEMP%\is-AGSRD.tmp\optimizer-setup.tmp
- %TEMP%\is-NPSFF.tmp\optimizer-setup.tmp
- %TEMP%\is-LUJNA.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-LUJNA.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-J4K1V.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-KG21N.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-KG21N.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-KG21N.tmp\itdownload.dll
- %TEMP%\is-BM7VA.tmp\<Имя вируса>.tmp
- %TEMP%\is-J4K1V.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-J4K1V.tmp\itdownload.dll
- %TEMP%\is-J4K1V.tmp\check.xml
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-OO3UG.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4i.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-RQQNN.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4h.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-MMOF0.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4g.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-3GBV4.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4l.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-A624M.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4k.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-6QF8L.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4j.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-DMD0H.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4c.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-IDLND.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4b.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-GDK5R.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4a.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-JVFTN.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4f.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-A2U6G.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4e.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-15N4A.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4d.jpg
- %PROGRAM_FILES%\Windows Movie Maker\MUI\0409\is-STDLU.tmp в %PROGRAM_FILES%\Windows Movie Maker\MUI\0409\moviemk.chm
- %PROGRAM_FILES%\Windows Movie Maker\Shared\Profiles\is-93ML0.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\Profiles\Blank.txt
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-EM9KL.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\wmtfxtransitions.xml
- %PROGRAM_FILES%\Windows Optimizer\is-LPC6J.tmp в %PROGRAM_FILES%\Windows Optimizer\load_config.ini
- %PROGRAM_FILES%\Windows Optimizer\is-RU0R1.tmp в %PROGRAM_FILES%\Windows Optimizer\system_shell.exe
- %PROGRAM_FILES%\Windows Optimizer\is-5PAII.tmp в %PROGRAM_FILES%\Windows Optimizer\optimizer.exe
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-DL8GA.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4o.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-ID87V.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4n.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-ABUAI.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\BFXset4m.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-KP2FE.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\rehansplit.xml
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-T9MRE.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\effects.xml
- %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\is-D1R4A.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\AddOnTFX\colorfades.xml
- %PROGRAM_FILES%\Windows Movie Maker\is-TV59G.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2ERES.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-J2FIA.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2AE.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-3C0NU.tmp в %PROGRAM_FILES%\Windows Movie Maker\Transitions.txt
- %PROGRAM_FILES%\Windows Movie Maker\is-6BP7S.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2FXA.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-JNF3K.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2FILT.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-L7JTK.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2EXT.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-OU1UT.tmp в %PROGRAM_FILES%\Windows Movie Maker\solidloader.exe
- %PROGRAM_FILES%\Windows Movie Maker\is-IOAP3.tmp в %PROGRAM_FILES%\Windows Movie Maker\load_config.ini
- %PROGRAM_FILES%\Windows Movie Maker\is-KVIPP.tmp в %PROGRAM_FILES%\Windows Movie Maker\unins000.exe
- %PROGRAM_FILES%\Windows Movie Maker\is-K79EA.tmp в %PROGRAM_FILES%\Windows Movie Maker\style.cjstyles
- %PROGRAM_FILES%\Windows Movie Maker\is-R2IA7.tmp в %PROGRAM_FILES%\Windows Movie Maker\optimizer-setup.exe
- %APPDATA%\solidloader\is-ATQA8.tmp в %APPDATA%\solidloader\load_config.ini
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-HMNJO.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\news.png
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-IDQ6I.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\Filters.xml
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-SAH26.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\Empty.txt
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-H40V6.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\Sample2.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-DPAUG.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\Sample1.jpg
- %PROGRAM_FILES%\Windows Movie Maker\Shared\is-ST1A0.tmp в %PROGRAM_FILES%\Windows Movie Maker\Shared\paint.png
- %PROGRAM_FILES%\Windows Movie Maker\is-OPROQ.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2RES2.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-381US.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2RES.dll
- %PROGRAM_FILES%\Windows Movie Maker\is-IOUSB.tmp в %PROGRAM_FILES%\Windows Movie Maker\WMM2FXB.dll
- <SYSTEM32>\is-T9ADO.tmp в <SYSTEM32>\framework.ocx
- %PROGRAM_FILES%\Windows Movie Maker\is-HVURG.tmp в %PROGRAM_FILES%\Windows Movie Maker\license-win.txt
- %PROGRAM_FILES%\Windows Movie Maker\is-07OSN.tmp в %PROGRAM_FILES%\Windows Movie Maker\zcode.exe
- 'ap#.###videosoft.com':80
- 'in######r.filebulldog.com':80
- ap#.###videosoft.com/api_ajax.ashx?cl##################################################################################################################
- ap#.###videosoft.com/api_ajax.ashx?ac#############################################################################################################################
- ap#.###videosoft.com/api_ajax.ashx?ac#############################################################################################################
- in######r.filebulldog.com/binno/get_pre_offering_checks?ui############################################################################################
- ap#.###videosoft.com/api_ajax.ashx?cl#########################################################################################################################
- DNS ASK ap#.###videosoft.com
- DNS ASK in######r.filebulldog.com
- ClassName: 'MovieMakerWndClass' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'