Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'servises' = '<SYSTEM32>\servises.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'servises' = '<SYSTEM32>\servises.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'servises' = '<SYSTEM32>\servises.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'servises' = '<SYSTEM32>\servises.exe'
- <SYSTEM32>\_id.dat
- <SYSTEM32>\servises.exe
- '91.##7.4.138':80
- http://91.##7.4.138/spm/page.php?id#####################################
- http://91.##7.4.138/spm/get_id.php
- http://91.##7.4.138/spm/page.php?ve########################
- ClassName: 'Indicator' WindowName: ''