Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'srcserv' = '<SYSTEM32>\srcserv\services.exe'
- '<SYSTEM32>\srcserv\services.exe'
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>\_deleteme.bat
- <SYSTEM32>\srcserv\ss.dll
- <Текущая директория>\_deleteme.bat
- <SYSTEM32>\srcserv\services.exe
- <SYSTEM32>\srcserv\srckw.sys
- <SYSTEM32>\srcserv\ss.dll
- <SYSTEM32>\srcserv\srckw.sys
- 'www.hs##n.net':80
- http://www.hs##n.net/g.php?s=########################
- DNS ASK www.hs##n.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'searchservices_88888888' WindowName: 'searchservices_88888888'