Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Security Essentials' = '%APPDATA%\Microsoft\svchost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Security Essentials' = '%APPDATA%\Microsoft\svchost.exe'
- '%APPDATA%\Microsoft\svchost.exe'
- %APPDATA%\SSL\Screenshots\01-11-2017\1.38 AM
- %APPDATA%\Microsoft\svchost.exe
- '21#.#.192.245':21396