Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Obgof\ytitep.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DisableNotifications' = '00000001'
- '%APPDATA%\Obgof\ytitep.exe'
- <Служебный элемент>
- %TEMP%\tmp58cef09b.bat
- <LS_APPDATA>\fiamwa.sao
- %APPDATA%\Obgof\ytitep.exe
- '18#.#95.250.32':17459
- '79.##6.116.250':16438
- '83.##3.41.52':13387
- '66.##0.42.12':12608
- '37.##1.11.42':16433
- '19#.#9.157.124':11145
- '81.##3.189.232':10880
- ClassName: 'Indicator' WindowName: ''