Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Paqea\yqdudy.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Paqea\yqdudy.exe'
- <Служебный элемент>
- %TEMP%\tmp807f065c.bat
- <LS_APPDATA>\arsodu.itu
- %APPDATA%\Paqea\yqdudy.exe
- '12#.#51.53.180':10066
- '18#.#23.135.118':12524
- '19#.#5.107.92':14684
- '1.###.36.175':19755
- '18#.#8.64.64':18528
- '24.##0.165.58':21251
- '15#.#4.3.223':19080
- ClassName: 'Indicator' WindowName: ''