Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchostt' = '%APPDATA%\explorer\svchostt.exe '
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] '%APPDATA%\explorer\svchostt.exe' = '00000000'
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] '%APPDATA%\explorer' = '00000000'
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] '%APPDATA%\explorer\*' = '00000000'
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] '%APPDATA%\explorer\svchostt.exe' = '00000000'
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] 'svchostt.exe' = '00000000'
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] '%APPDATA%\explorer' = '00000000'
- [<HKLM>\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] '%APPDATA%\explorer\*' = '00000000'
- %APPDATA%\explorer\svchostt.exe
- DNS ASK ra#.####ubusercontent.com
- '%APPDATA%\explorer\svchostt.exe'