Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Generic Host Process' = '%WINDIR%\security\svchost.exe'
- %APPDATA%\chk
- %WINDIR%\security\svchost.exe
- 'se####.colo.owned.hu':31093
- 'se####.colo.owned.hu':31092
- 'se####.colo.owned.hu':31090
- 'se####.colo.owned.hu':31091
- DNS ASK se####.colo.owned.hu
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'