Техническая информация
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"<SYSTEM32>\System.exe" -noconnect'
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"<SYSTEM32>\System.exe" -noconnect'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winrar32' = '%WINDIR%\PIF\secuirity\guard\system32\System.exe'
- <SYSTEM32>\system.exe
- %WINDIR%\msagent\agentsvr.exe -Embedding
- <SYSTEM32>\oobe\CHK.TXT
- <SYSTEM32>\oobe\CHF.TXT
- <SYSTEM32>\oobe\aliases.ini
- %HOMEPATH%\Start Menu\Programs\Application name\Application name Uninstaller.lnk
- <SYSTEM32>\oobe\WFH.TXT
- <SYSTEM32>\oobe\remote.ini
- <SYSTEM32>\mirc.ini
- <SYSTEM32>\dmu.dll
- <SYSTEM32>\cdb.com
- <SYSTEM32>\system.exe
- <SYSTEM32>\NAME.TXT
- <SYSTEM32>\NAMA.TXT
- '20#.#.87.248':6667
- ClassName: 'Shell_TrayWnd' WindowName: ''