Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'yVUvd' = '%APPDATA%\Microsoft\Windows\Templates\yVUvd.exe'
- %APPDATA%\microsoft\windows\templates\yvuvd.exe
- %TEMP%\user2.txt
- %APPDATA%\userv1.18.0 - trial versionlog.dat
- %TEMP%\user7
- %TEMP%\user8
- %APPDATA%\userv1.18.0 - trial versionlog.dat
- %TEMP%\user2.txt
- %TEMP%\user8
- %TEMP%\user7
- %TEMP%\user8
- %TEMP%\user7
- 'localhost':1414
- '%APPDATA%\microsoft\windows\templates\yvuvd.exe'