Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'csrss' = '<SYSTEM32>\csrss.exe'
- %TEMP%\csrss.exe
- %TEMP%\pinguin.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\task[1]
- %WINDIR%\direc.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\task[1]
- %TEMP%\pinguin.exe
- %TEMP%\csrss.exe
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx
- %TEMP%\csrss.exe
- %WINDIR%\direc.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\task[1]
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
- <SYSTEM32>\csrss.exe
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx в %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
- 'ma####ofasting.info':80
- ma####ofasting.info/task/?ui####################
- DNS ASK ma####ofasting.info
- ClassName: 'Shell_TrayWnd' WindowName: ''