Техническая информация
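- Добавляет себя в список разрешённых приложений брандмауэра Windows (стандартный профиль, любая область адресов), создавая исключение для своих сетевых соединений: [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Полный путь к вирусу>' = '<Полный путь к вирусу>:*:Enabled:Facemoods Installer'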
- [<HKLM>\SOFTWARE\Microsoft\MSNMessenger]
- %TEMP%\is233770471\1716732545.cfg
- %TEMP%\0001BFD0.log
- %TEMP%\0001B1C6.log
- %TEMP%\0001BFD0.log
- %TEMP%\0001B1C6.log
- 'vc.####moodsreport.com':80
- 'fa###oods.com':80
- fa###oods.com/public/download/1.4.17.3/ppcb/facemoods.cis
- vc.####moodsreport.com/vscript/vercheck.psc?pc#############
- DNS ASK fa###oods.com
- DNS ASK vc.####moodsreport.com
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)