When installed – the Pokémon Go for Windows with Ransomware will create a hidden user account called ‚Hack3r‘ and adds it to the Administrators group
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList „Hack3r“ = 0
