Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%ALLUSERSPROFILE%\DRM\svchost.exe'
- '<LS_APPDATA>\svchost.exe' "%APPDATA%\Microsoft\Trats\sysCache32.dll" work
- '%ALLUSERSPROFILE%\DRM\svchost.exe'
- %ALLUSERSPROFILE%\DRM\WMM2RES.dll
- %APPDATA%\Microsoft\Trats\sysCache32.dll
- <LS_APPDATA>\svchost.exe
- %ALLUSERSPROFILE%\DRM\svchost.exe
- 'yn#.##moyong.com':80
- yn#.##moyong.com/oi2c/wlc3/crnjeufu:00-00-00-00-00-01/ij83d
- yn#.##moyong.com/8jwpc/odw3ux
- DNS ASK yn#.##moyong.com
- ClassName: 'MovieMakerWndClass' WindowName: '(null)'