Техническая информация
- '<Текущая директория>\OCBrowserHelper_1.0.6.124.exe' /OCRestartExe
- '<Текущая директория>\OCBrowserHelper_1.0.6.124.exe' /OCReplaceServerXML="[mycmdline],/PID= /TOOLBAR= /HOMEPAGE=1 /SEARCH=1 /REVERT=0"
- '<SYSTEM32>\conhost.exe'
- '<SYSTEM32>\taskeng.exe' {868C6263-B5C7-4F92-911A-71E06A74E35C} S-1-5-21-3525224950-2885160813-905547259-1000:BVNSEUHJ\FFPXOMEV:Interactive:Highest[1]
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_80070422_76a4385aa7fdcd3dc476f7ea51e8ea5565f02fd_06551ed6\Report.wer
- <SYSTEM32>\Tasks\OpenCandyHelperRunOnce49D9CFB7DF8B4F858D9622D8C51BBE39
- <Текущая директория>\OCBrowserHelper_1.0.6.124.exe
- <Текущая директория>\MixiCND_CID4.exe
- %WINDIR%\Temp\MPTelemetrySubmit\client_manifest.txt
- %WINDIR%\Temp\MPTelemetrySubmit\watson_manifest.txt
- <SYSTEM32>\Tasks\OpenCandyHelperRunOnce49D9CFB7DF8B4F858D9622D8C51BBE39
- '20#.#6.232.182':80
- DNS ASK wa####.microsoft.com
- '22#.0.0.252':5355