Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Ewuvi\fypyzo.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Ewuvi\fypyzo.exe'
- <Служебный элемент>
- %TEMP%\tmp7de23e29.bat
- <LS_APPDATA>\ofir.ham
- %APPDATA%\Ewuvi\fypyzo.exe
- '78.##9.187.6':14384
- '18#.#51.230.153':10445
- '10#.#17.187.69':11806
- '20#.#11.95.80':26683
- '18#.#48.91.99':23064
- '75.##.139.23':13467
- '1.###.36.175':19755
- '19#.#4.127.98':25549
- '41.##3.90.36':11964
- '2.###.217.219':10777
- '17#.#05.128.203':14938
- '41.##.80.174':26013
- ClassName: 'Indicator' WindowName: ''