Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WindowsXPSP2' = '%WINDIR%\system\SMSS.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'kimochiinstall' = '<SYSTEM32>\SSSH.exe'
- %WINDIR%\system\csrss.exe cmset.dll
- %WINDIR%\system\smss.exe
- %WINDIR%\system\h.exe CSRSS.exe cmset.dll
- %WINDIR%\system\shell.exe
- <SYSTEM32>\reg.exe ADD "HKLM\SOFTWARE\MICROSOFT\Windows\CurrentVersion\Run" /v WindowsXPSP2 /d "%WINDIR%\system\SMSS.exe"
- <SYSTEM32>\cmd.exe /c Start.bat
- %WINDIR%\system\start.bat
- <SYSTEM32>\sssh.exe
- %WINDIR%\system\smss.exe
- <SYSTEM32>\kimolc.exe\x.exe
- %WINDIR%\system\ServUStartUpLog.txt
- %WINDIR%\system\explorer.pid
- %WINDIR%\system\conf.dll
- %WINDIR%\system\shell.exe
- %WINDIR%\system\cygwin1.dll
- %WINDIR%\system\csrss.exe
- %WINDIR%\system\cmset.dll
- %WINDIR%\system\drisys.dll
- %WINDIR%\system\ServUDaemon.ini
- %WINDIR%\system\hh.dll
- %WINDIR%\system\h.exe
- 'de####.nsane.net':7000
- 'localhost':1044
- 'localhost':1049
- 'localhost':1047
- 'localhost':1037
- 'ir#.#ackn.us':7000
- 'localhost':1042
- 'localhost':1039
- DNS ASK de####.nsane.net
- DNS ASK ir#.#ackn.us
- ClassName: '' WindowName: ''