Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'winlogon' = '"%WINDIR%\media\WinLogon.exe"'
- %WINDIR%\Media\WinLogon.exe
- %WINDIR%\Media\WinLogon.exe
- <SYSTEM32>\MSWINSCK.OCX
- %TEMP%\~DF1A6C.tmp
- 'ga###osting.com':80
- ga###osting.com/dns.php
- DNS ASK ga###osting.com
- ClassName: 'Indicator' WindowName: ''