Техническая информация
- '%TEMP%\VolumeObjections\20130415173928.exe'
- '%TEMP%\VolumeObjections\20130415173928.exe' (загружен из сети Интернет)
- '<SYSTEM32>\conhost.exe'
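- %TEMP%\nsa9D2A.tmp\System.dll (System.dll и NSISdl.dll в каталогах ns*.tmp — стандартные плагины установщика NSIS; имена таких временных каталогов, как правило, меняются при каждом запуске)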
- %TEMP%\VolumeObjections\20130415173928.exe
- %TEMP%\VolumeObjections\20130415173928.dat
- %TEMP%\nsa9D2A.tmp\NSISdl.dll
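- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt (каталог MPTelemetrySubmit, по-видимому, относится к телеметрии Microsoft Defender в среде анализа, а не к самому образцу)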
- %TEMP%\VolumeObjections\20130415173928.cnt
- %TEMP%\VolumeObjections\20130415173928.ini
- %TEMP%\nsf88EF.tmp\System.dll
- %TEMP%\nsa88DF.tmp
- %TEMP%\VolumeObjections\flag.txt
- %TEMP%\VolumeObjections\flag.ini
- %TEMP%\nsf8BFA.tmp
- %TEMP%\nsf88EF.tmp\NSISdl.dll
- %TEMP%\nsa9D2A.tmp\NSISdl.dll
- %TEMP%\VolumeObjections\flag.txt
- %TEMP%\nsa9D2A.tmp\System.dll
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- %TEMP%\VolumeObjections\flag.ini
- %TEMP%\VolumeObjections\20130415173928.ini
- %TEMP%\VolumeObjections\20130415173928.dat
- %TEMP%\nsf88EF.tmp\NSISdl.dll
- %TEMP%\VolumeObjections\20130415173928.cnt
- %TEMP%\nsf88EF.tmp\System.dll
- '25#######6798064.omni.com.gt':80
- 25#######6798064.omni.com.gt/cnt.php?e=##################################################
- 25#######6798064.omni.com.gt/get.php?e=#########################################################
- DNS ASK 25#######6798064.omni.com.gt
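- '22#.0.0.252':5355 (порт 5355 — LLMNR; по-видимому, это штатная многоадресная рассылка Windows для разрешения имён, а не обращение к управляющему серверу)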