Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Taewiv\atoh.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Taewiv\atoh.exe'
- <Служебный элемент>
- %TEMP%\tmp6da50d81.bat
- <LS_APPDATA>\ekuk.ena
- %APPDATA%\Taewiv\atoh.exe
- '14#.3.65.13':12312
- '84.##1.75.143':24498
- '10#.#7.140.91':19298
- '75.#.222.103':11577
- '20#.#70.172.19':19828
- '31.##2.29.95':28121
- '93.##6.211.170':13334
- '19#.#54.249.141':25613
- ClassName: 'Indicator' WindowName: ''