Техническая информация
- <SYSTEM32>\taskkill.exe /im crashreporter.exe
- <SYSTEM32>\taskkill.exe /im firefox.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\Killff.bat
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\Preferred
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\9e34b03c992d64267eae8390026c1cef_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %TEMP%\Killff.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].html
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\d42d2391-2e3c-4ae1-9e55-7579e56525ce
- 'ch###am.kilu.de':80
- 'localhost':1036
- ch###am.kilu.de/aaaa/index.html
- DNS ASK ch###am.kilu.de
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''