Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'csrss' = 'C:\Users\%USERNAME%\AppData\Local\Temp\csrss.exe'
- 'C:\Users\%USERNAME%\AppData\Local\Temp\address.exe'
- 'C:\Users\%USERNAME%\AppData\Local\Temp\csrss.exe'
- '<SYSTEM32>\wscript.exe' "C:\Users\%USERNAME%\AppData\Local\Temp\zvbs.vbs"
- C:\Users\%USERNAME%\AppData\Local\Temp\csrss.exe
- %TEMP%\31564PAQ.bat
- C:\Users\%USERNAME%\AppData\Local\Temp\zvbs.vbs
- C:\Users\%USERNAME%\AppData\Local\Temp\address.exe
- %TEMP%\31564PAQ.bat
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''