Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'NetworkSubsystem' = '"%ALLUSERSPROFILE%\Application Data\Csrss\csrss.exe"'
- %ALLUSERSPROFILE%\Application Data\Csrss\csrss.exe
- %TEMP%\7aI6EGxO2l\state.tmp
- %ALLUSERSPROFILE%\Application Data\Csrss\csrss.exe
- %TEMP%\7aI6EGxO2l\state.tmp в %TEMP%\7aI6EGxO2l\state
- 'localhost':1036
- '19#.#3.244.244':443
- '12#.31.0.39':9101