Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'CSRSS' = '"%ALLUSERSPROFILE%\Application Data\Drivers\csrss.exe"'
- %ALLUSERSPROFILE%\Application Data\Drivers\csrss.exe
- %TEMP%\4kPv6aJG8e\state.tmp
- %ALLUSERSPROFILE%\Application Data\Drivers\csrss.exe
- %TEMP%\4kPv6aJG8e\state.tmp в %TEMP%\4kPv6aJG8e\state
- 'localhost':1038
- '86.#9.21.38':443
- '20#.#3.223.34':80