Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Qoomu' = '"%APPDATA%\Uvpai\qoomu.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Uvpai\qoomu.exe'
- <Служебный элемент>
- %TEMP%\tmp66925828.bat
- <LS_APPDATA>\paune.qei
- %APPDATA%\Uvpai\qoomu.exe
- '17#.#3.238.72':22869
- '18#.#23.139.172':12806
- '94.##0.224.115':27794
- '49.##8.49.120':25022
- '2.###.22.240':11601
- '11#.#10.28.249':22515
- '95.##.16.187':28304
- ClassName: 'Indicator' WindowName: ''