Техническая информация
- '%WINDIR%\syswow64\taskkill.exe' /F /IM 1.exe
- '%WINDIR%\syswow64\taskkill.exe' /F /IM 2.exe
- %WINDIR%\fonts\1.exe
- %WINDIR%\fonts\2.exe
- <DRIVERS>\etc\hosts
- 'public-trust.com':80
- http://oc##.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEEeXTXhzpbyrDS%2BzcBkvzl4%3D
- http://oc##.#tartssl.com/sub/class2/code/ca/MEMwQTA%2FMD0wOzAJBgUrDgMCGgUABBQSOgrhRCSnWfKxoWTjWxhk8hga9AQU0E4PQJlsuEsZbzsouODjiAc0qrcCAhAV
- DNS ASK no##pad.pw
- DNS ASK yo##ube.com
- DNS ASK microsoft.com
- DNS ASK s.##img.com
- DNS ASK fo###.gstatic.com
- DNS ASK r4########ne6nsz.googlevideo.com
- DNS ASK r6########nedn7e.googlevideo.com
- DNS ASK r3########ne6nsy.googlevideo.com
- DNS ASK accounts.google.com
- DNS ASK yt#.#gpht.com
- DNS ASK ss#.#static.com
- DNS ASK oc##.thawte.com
- DNS ASK oc##.#tartssl.com
- DNS ASK public-trust.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\syswow64\taskkill.exe' /F /IM 1.exe' (со скрытым окном)
- '%WINDIR%\syswow64\taskkill.exe' /F /IM 2.exe' (со скрытым окном)