Техническая информация
- [<HKLM>\Software\Classes\ChatFile\Shell\open\command] '' = '"%WINDIR%\Config\windows.exe" -noconnect'
- [<HKLM>\Software\Classes\irc\Shell\open\command] '' = '"%WINDIR%\Config\windows.exe" -noconnect'
- <SYSTEM32>\web.exe
- %TEMP%\gert0.dll
- %TEMP%\ci0-temp\ahmet.set
- %WINDIR%\config\chans.dll
- %WINDIR%\config\email.txt
- %WINDIR%\config\mirc.ini
- %WINDIR%\config\nicsk.txt
- %WINDIR%\config\server.dll
- %WINDIR%\config\sfwwin32.dll
- %WINDIR%\config\sysdll.dll
- %WINDIR%\config\sysingb32.dll
- %WINDIR%\config\windows.exe
- %WINDIR%\config\nicsk.txt
- %TEMP%\ci0-temp\ahmet.set
- %TEMP%\gert0.dll
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\web.exe'
- '%WINDIR%\config\windows.exe' windows.exe