Type
Trojan
Description
Troj/Median-A creates a hidden window called Medusa and attempts to connect to the remote server diana23.dyndns.org.
The Trojan copies itself to the Windows folder as WINSYS.EXE and adds an entry to the registry at the following location to run itself on system restart:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\WINSYS
http://www.sophos.com/virusinfo/analyses/trojmediana.html
 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
General discussion
Troj/Median-A
Discussion is locked
CNET Forums
Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Roadshow Autos
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic