Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Полный путь к вирусу>' = '<Полный путь к вирусу>:*:Enabled:Facemoods ...
- [<HKLM>\SOFTWARE\Microsoft\MSNMessenger]
- %TEMP%\is233770471\619915972.cfg
- %TEMP%\is233770471\191314367.cfg
- 'us####.dtday.com':80
- 'eu####.dtday.com':80
- 'vc.###iteweb.com':80
- http://us####.dtday.com/Facemoods/facemoods_fxt_1.3.61.4.cis
- http://eu####.dtday.com/Facemoods/facemoods_fxt_1.3.61.4.cis
- http://vc.###iteweb.com/vscript/vercheck.psc?pc#############
- DNS ASK us####.dtday.com
- DNS ASK eu####.dtday.com
- DNS ASK vc.###iteweb.com
- ClassName: 'Shell_TrayWnd' WindowName: ''