Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'Load' = '%TEMP%\00023500.com'
- '<SYSTEM32>\wuauclt.exe'
- <SYSTEM32>\wuauclt.exe
- %TEMP%\00023500.com
- 'cl#######.faster-hosting.com':80
- '74.##5.232.51':80
- http://cl#######.faster-hosting.com/pamela/stat5.php
- DNS ASK cl#######.faster-hosting.com
- DNS ASK google.com