Техническая информация
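Автозапуск (изменяемые ключи реестра; имя параметра 'Nvidia driver' и имя файла csrss.exe имитируют легитимные компоненты — подлинный csrss.exe находится в <SYSTEM32>, а не в %APPDATA%):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Nvidia driver' = '%APPDATA%\csrss.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{5J3X421E-3YN3-74GY-LXA3-4S4XWH2263}] 'StubPath' = '%APPDATA%\csrss.exe'
Отключение брандмауэра Windows (изменяемые параметры реестра):
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
Файлы и запускаемые команды (команда netsh отключает брандмауэр):
- %APPDATA%\csrss.exe
- <SYSTEM32>\netsh.exe firewall set opmode disable
- %APPDATA%\csrss.exe
- %APPDATA%\directx9.0.sys
Сетевая активность (имя узла частично скрыто символами '#'; hopto.org — домен сервиса динамического DNS):
- 'wo#####g88.hopto.org':33333
- DNS ASK wo#####g88.hopto.org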