Техническая информация
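- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Server' = '<SYSTEM32>\srv\svchost.exe' (запись автозапуска при входе пользователя; штатный svchost.exe находится непосредственно в <SYSTEM32>, а не в подкаталоге srv, так что такой путь — признак маскировки под системный файл)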
- <SYSTEM32>\srv\svchost.exe
- %TEMP%\GlobalTradeStation2_webdeploy.exe
- <SYSTEM32>\srv\config.cfg
- <SYSTEM32>\srv\svchost.exe
- <SYSTEM32>\srv\is.id.ini
- <SYSTEM32>\srv\is.log.cvi
- <SYSTEM32>\srv\common.base.cvi
- <SYSTEM32>\srv\txt.tmp
- %TEMP%\AITMP019\setup.ini
- %TEMP%\AITMP019\English.lng
- %TEMP%\AITMP019\setup.cab
- %TEMP%\AITMP019\aiwizard.bmp
- %TEMP%\AITMP019\file.cab
- %TEMP%\AITMP019\uninstall.ini
- %TEMP%\AITMP019\aiheader.bmp
- <SYSTEM32>\srv\is.id.ini
- <SYSTEM32>\srv\common.base.cvi
- <SYSTEM32>\srv\is.log.cvi
- %TEMP%\AITMP019\file.cab
- <SYSTEM32>\srv\txt.tmp
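- '2i#.ru':80
- 'no###e888.pp.ua':80 (символы '#' в именах узлов, по-видимому, скрыты автором отчёта; точные имена по этим строкам восстановить нельзя)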
- 2i#.ru/
- no###e888.pp.ua/dd/fx_130/core.php
- no###e888.pp.ua/dd/micro-core.php
- DNS ASK 2i#.ru
- DNS ASK no###e888.pp.ua
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''