Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Firefox' = '%APPDATA%\Roaming\microsoft\protect\windows\svchost.exe'
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\flash player update.exe
- %APPDATA%\Roaming\Microsoft\Protect\windows\svchost.exe
- '19#.#0.107.38':80
- http://19#.#0.107.38/flash%20player%20update.exe