Техническая информация
- '<SYSTEM32>\conhost.exe'
- %TEMP%\nsr9666.tmp\GetVersion.dll
- %TEMP%\nsr9666.tmp\installog.txt
- %TEMP%\nsr9666.tmp\manlib.dll
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_80070422_76a4385aa7fdcd3dc476f7ea51e8ea5565f02fd_0131202d\Report.wer
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %TEMP%\nsr9666.tmp\registry.dll
- %TEMP%\nsr9666.tmp\System.dll
- %TEMP%\nsr9666.tmp\header.bmp
- %TEMP%\nsr9666.tmp\nsDialogs.dll
- %TEMP%\nsr9666.tmp\blowfish.dll
- %TEMP%\nsr9666.tmp\checked.jpg
- %TEMP%\nsr9666.tmp\unchecked.jpg
- %TEMP%\nsr9666.tmp\System.dll
- %TEMP%\nsr9666.tmp\registry.dll
- %TEMP%\nsr9666.tmp\nsDialogs.dll
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- %TEMP%\nsr9666.tmp\unchecked.jpg
- %TEMP%\nsr9666.tmp\checked.jpg
- %TEMP%\nsr9666.tmp\blowfish.dll
- %TEMP%\nsr9666.tmp\installog.txt
- %TEMP%\nsr9666.tmp\manlib.dll
- %TEMP%\nsr9666.tmp\header.bmp
- %TEMP%\nsr9666.tmp\GetVersion.dll
- '20#.#6.232.182':80
- 'www.ht###wedgo.us':80
- www.ht###wedgo.us/first_call_mon_v2.php
- DNS ASK wa####.microsoft.com
- DNS ASK www.ht###wedgo.us
- '22#.0.0.252':5355