Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\MediaggdCenterb] 'Start' = '00000002'
- '<SYSTEM32>\conhost.exe'
- '<SYSTEM32>\svchost.exe' -k krnlsrvc
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- %TEMP%\236_res.tmp
- %TEMP%\236_res.tmp в <SYSTEM32>\rasmediax.dll
- '40##k.com':8786
- DNS ASK dn#.##ftncsi.com
- DNS ASK 40##k.com
- '22#.0.0.252':5355