Техническая информация
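- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'cssrs' = '%APPDATA%\Macromidia\cssrs.exe' (параметр в ключе Run обеспечивает автозапуск файла при входе этого пользователя в систему; написание «Macromidia» приведено как в исходных данных)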
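- [<HKLM>\SYSTEM\ControlSet001\Services\cdc32x] 'Start' = '00000000' (значение Start = 0 задаёт запуск на этапе загрузки системы — boot start; имя службы совпадает с именем файла драйвера <DRIVERS>\cdc32x.sys из этого же списка)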
- %APPDATA%\Macromidia\cssrs.exe
- <SYSTEM32>\reg.exe add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations /v LowRiskFileTypes /t REG_SZ /d .exe /f
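- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe' (расширение .exe отнесено к типам файлов низкого риска, поэтому диспетчер вложений Windows не выводит предупреждение безопасности при открытии таких файлов, полученных из Интернета; при проверке узла стоит убедиться, что это значение не содержит .exe)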
- <DRIVERS>\cdc32x.sys
- %APPDATA%\Macromidia\cssrs.exe
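- '18#.#11.126.156':80 (здесь и в адресах ниже часть символов, по-видимому, замаскирована знаками «#» в исходных данных; в таком виде записи не годятся для точного сопоставления с журналами или для правил блокировки)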
- '20#.#10.200.229':80
- '20#.#16.229.196':80
- '20#.#.128.91':80
- 18#.#11.126.156/BKP_site/SiplanAdmin/images/c.asp
- 20#.#10.200.229/files/c.asp
- 20#.#16.229.196/KFBid/c.asp
- 20#.#.128.91/images/c.asp
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''