Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'PrintSpool' = '%WINDIR%\Fonts\PrSpool.exe'
- %WINDIR%\Fonts\PrSpool.exe
- 'www.si##ash.com':80
- www.si##ash.com/cgi-bin/click?PA########
- www.si##ash.com/program/tour1.html
- www.si##ash.com/cgi-bin/click?AC#############
- www.si##ash.com/program/main.html
- DNS ASK www.si##ash.com
- ClassName: 'Indicator' WindowName: ''