Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Qomoo' = '"%APPDATA%\Dimyi\qomoo.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Dimyi\qomoo.exe'
- <Служебный элемент>
- %TEMP%\tmp95d22fcf.bat
- <LS_APPDATA>\koyv.xyi
- %APPDATA%\Dimyi\qomoo.exe
- '87.##2.133.133':20038
- '98.##1.143.22':19595
- '69.##3.226.70':14774
- '85.#.81.247':16557
- '10#.#33.198.131':15847
- '18#.#83.237.31':28599
- '10#.92.5.64':12477
- '65.##.179.245':21463
- '18#.#7.50.91':27916
- '10#.#15.44.142':20626
- ClassName: 'Indicator' WindowName: ''