Техническая информация
- '%WINDIR%\svchost.exe' /install /silent
- '%WINDIR%\svchost.exe' (загружен из сети Интернет)
- '<SYSTEM32>\net1.exe' start WinAuthClient
- %WINDIR%\svchost.exe
- 'go###.zapto.org':80
- go###.zapto.org/svchost.exe
- DNS ASK go###.zapto.org
- ClassName: 'Shell_TrayWnd' WindowName: ''