Техническая информация
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"<DRIVERS>\Service" -noconnect'
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"<DRIVERS>\Service" -noconnect'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ServiceStartUp' = '<DRIVERS>\UpdateService.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\ServiceStartUp.lnk
- <DRIVERS>\Service
- <DRIVERS>\UpdateService.exe
- %WINDIR%\msagent\agentsvr.exe -Embedding
- <DRIVERS>\whois.xt
- <DRIVERS>\UpdateService.exe
- <DRIVERS>\remote.ini
- <DRIVERS>\zena.xt
- <DRIVERS>\id.xt
- %TEMP%\GS1.tmp
- <DRIVERS>\Service
- <DRIVERS>\mIrC.ini
- %TEMP%\GS1.tmp
- 'he#.##-picssite.com':4786
- DNS ASK he#.##-picssite.com