Техническая информация
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"<SYSTEM32>\explorer.exe" -noconnect'
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"<SYSTEM32>\explorer.exe" -noconnect'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'taskmgr' = 'C:\WINNT\system32\explorer.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IExplorer' = '<SYSTEM32>\explorer.exe'
- <SYSTEM32>\explorer.exe
- %WINDIR%\msagent\agentsvr.exe -Embedding
- %WINDIR%\regedit.exe /s sup.reg
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\sup.bat" "
- <SYSTEM32>\crazy2.mrc
- <SYSTEM32>\crazy3.mrc
- <SYSTEM32>\crazy4.mrc
- <SYSTEM32>\sup.reg
- <SYSTEM32>\perform.ini
- <SYSTEM32>\crazy.mrc
- <SYSTEM32>\crazy5.mrc
- <SYSTEM32>\TMP3.$$$
- <SYSTEM32>\TMP4.$$$
- <SYSTEM32>\TMP5.$$$
- <SYSTEM32>\crazy6.mrc
- <SYSTEM32>\crazy7.mrc
- <SYSTEM32>\TMP2.$$$
- <SYSTEM32>\aliases.ini
- <SYSTEM32>\control.ini
- <SYSTEM32>\mirc.ini
- <SYSTEM32>\fullname.txt
- <SYSTEM32>\identd.txt
- <SYSTEM32>\nicks.txt
- <SYSTEM32>\remote.ini
- <SYSTEM32>\sup.bat
- <SYSTEM32>\explorer.exe
- <SYSTEM32>\mirc.ico
- <SYSTEM32>\script.ini
- <SYSTEM32>\servers.ini
- <SYSTEM32>\users.ini
- <SYSTEM32>\TMP4.$$$
- <SYSTEM32>\TMP5.$$$
- <SYSTEM32>\TMP2.$$$
- <SYSTEM32>\TMP3.$$$
- 'us.##dernet.org':6667
- DNS ASK us.##dernet.org
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''