Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '%HOMEPATH%\My Documents\csrrss.exe'
- <LS_APPDATA>\Xenocode\Sandbox\scnner tools\4.02.7.3\2012.09.12T07.19\Native\STUBEXE\@APPDATALOCAL@\Xenocode\Sandbox\scnner tools\4.02.7.3\2012.09.12T07.19\Native\STUBEXE\@DOCUMENTS@\csrrss.exe
- <LS_APPDATA>\Xenocode\Sandbox\scnner tools\4.02.7.3\2012.09.12T07.19\Virtual\STUBEXE\@PROFILE@\Local Settings\Temp\install3.exe
- %TEMP%\install3.exe
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %TEMP%\microsoft.jpg
- Библиотека-обработчик для процесса 'csrrss.exe': %HOMEPATH%\My Documents\csrrss.exe
- %TEMP%\CRNJEUFU - 9-3-2012-7.44.08-PM.gif
- %HOMEPATH%\My Documents\csrrss.exe
- %TEMP%\install3.exe
- %TEMP%\microsoft.jpg
- 'sm##.gmail.com':587
- DNS ASK sm##.gmail.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: ''