Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = '%WINDIR%\windows.exe'
- %WINDIR%\windows.exe
- http://gi#####.altervista.org/key/Log.php?un###################################################
- DNS ASK gi#####.altervista.org
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\windows.exe'
- '%WINDIR%\windows.exe' ' (со скрытым окном)