Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Far2' = '%APPDATA%\Microsoft\cugitids\iivggiaw.exe'
- '%WINDIR%\explorer.exe'
- %TEMP%\history.adapter.jquery.js
- %TEMP%\wp-json
- %TEMP%\AVELogo72.png
- %TEMP%\style.css
- %TEMP%\feed
- %TEMP%\nsm3.tmp\System.dll
- %APPDATA%\Microsoft\cugitids\iivggiaw.exe
- %TEMP%\stylesheet_b1b6b82b82.css
- %TEMP%\menu
- %TEMP%\sneak_preview.gif
- %TEMP%\login.php
- %TEMP%\stylesheet_55ca7745f7.css
- %TEMP%\nsl2.tmp
- %TEMP%\buttons-orange.css
- %TEMP%\sidebar.css
- %TEMP%\forms.css
- %TEMP%\screen.css
- %TEMP%\favicon.ico
- %TEMP%\AVE_Avenet_Marketing_2015.css
- %APPDATA%\Microsoft\cugitids\iivggiaw.exe
- 'co##.##tter-potter.pw':80
- '20#.#6.232.182':80
- 'wp#d':80
- http://www.microsoft.com/ via 20#.#6.232.182
- http://11#.#11.111.1/wpad.dat via wp#d
- http://su#####.microsoft.com/ via 20#.#6.232.182
- http://go.###rosoft.com/fwlink/?Li########## via 20#.#6.232.182
- http://go.###rosoft.com/fwlink/?Li########### via 20#.#6.232.182
- DNS ASK su#####.microsoft.com
- DNS ASK co##.##tter-potter.pw
- DNS ASK go.###rosoft.com
- DNS ASK wp#d
- DNS ASK www.microsoft.com