Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winlogon' = '%TEMP%\svchost.exe'
- '%TEMP%\svchost.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\log.bat" -s"
- %TEMP%\log.bat
- %TEMP%\svchost.exe
- %TEMP%\~DFA9C5.tmp
- 'se######g.redirectme.net':1521
- DNS ASK se######g.redirectme.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'