Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'rundll32.exe' = 'rundll32.exe "%ALLUSERSPROFILE%\Application Data\XpsFilter.dll",start'
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\XpsFilter.dll",start
- [\REGISTRY\USER\S-1-5-20_Classes\Software\Microsoft\MSNMessenger]
- [<HKCU>_Classes\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-18\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-20\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-19\Software\Microsoft\MSNMessenger]
- [\REGISTRY\USER\S-1-5-19_Classes\Software\Microsoft\MSNMessenger]
- %APPDATA%\wmplay32.chq
- %ALLUSERSPROFILE%\Application Data\XpsFilter.dll
- <SYSTEM32>\cmd.exe
- 'pu#####pdate.mooo.com':443
- DNS ASK pu#####pdate.mooo.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''