Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe "%WINDIR%\userinit.exe"'
- %WINDIR%\Explorer.EXE
- %WINDIR%\userinit.exe
- 'ub####a.comoj.com':80
- http://ub####a.comoj.com/recv/gold/go.php
- DNS ASK ub####a.comoj.com
- ClassName: 'MS_WINHELP' WindowName: ''