Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{03303U3U-1L37-8JF4-D8NV-43VQ76VSL2S8}] 'StubPath' = '%WINDIR%\sistem32\server.exe Restart'
- %HOMEPATH%\Templates\hEDeM.exe.exe
- %APPDATA%\%USERNAME%log.dat
- %TEMP%\%USERNAME%7
- %TEMP%\%USERNAME%8
- %HOMEPATH%\Templates\hEDeM.exe.exe
- %WINDIR%\sistem32\server.exe
- %TEMP%\%USERNAME%2.txt
- %APPDATA%\%USERNAME%log.dat
- %TEMP%\%USERNAME%8
- %HOMEPATH%\Templates\hEDeM.exe.exe
- %TEMP%\%USERNAME%2.txt