Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'cssrs' = '%APPDATA%\Macromidia\cssrs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\cdc32x] 'Start' = '00000000'
- %APPDATA%\Macromidia\cssrs.exe
- <SYSTEM32>\reg.exe add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations /v LowRiskFileTypes /t REG_SZ /d .exe /f
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe'
- <DRIVERS>\cdc32x.sys
- %APPDATA%\Macromidia\cssrs.exe
- '80.##.102.158':80
- '80.##7.188.147':80
- '62.##.68.206':80
- '80.##.157.125':80
- 80.##.102.158/images/a.asp
- 80.##7.188.147/images/a.asp
- 62.##.68.206/images/a.asp
- 80.##.157.125/images/a.asp
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''