Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\api-ms-win-core-processenvironment-l1-1-0] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\api-ms-win-core-processenvironment-l1-1-0] 'ImagePath' = '"%WINDIR%\SysWOW64\api-ms-win-core-processenvironment-l1-1-0\api-ms-win-core-processenvironme...
- из <Полный путь к файлу> в %WINDIR%\syswow64\api-ms-win-core-processenvironment-l1-1-0\api-ms-win-core-processenvironment-l1-1-0.exe
- '17#.#02.106.124':80
- '18#.#35.109.128':443
- http://18#.##5.109.128:443/sxXRv/WH4kD20T4L2nj0ST9/ via 18#.#35.109.128