Техническая информация
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"%WINDIR%\config\install\svchost.exe"'
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"%WINDIR%\config\install\svchost.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\svchost] 'Start' = '00000002'
- %WINDIR%\Config\install\svchost.exe
- %WINDIR%\Config\install\hex.exe /hide mIRC*
- %WINDIR%\Config\install\services.exe -install -name:"svchost" -launch:"svchost.exe"
- %WINDIR%\Config\install\services.exe /name:"svchost" /start:"svchost.exe"
- <SYSTEM32>\net1.exe start svchost
- %WINDIR%\msagent\agentsvr.exe -Embedding
- <SYSTEM32>\cmd.exe /c ""%WINDIR%\config\install\hook.bat" "
- <SYSTEM32>\sc.exe description svchost "Controls system partition data in NTFS systems."
- ClassName: 'RegMonClass' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- %WINDIR%\Config\install\nt.dll
- %WINDIR%\Config\install\moodll.mrc
- %WINDIR%\Config\install\remote.ini
- %WINDIR%\Config\install\svchost.exe
- %WINDIR%\Config\install\services.exe
- %WINDIR%\Config\install\moo.dll
- %WINDIR%\Config\install\aliases.ini
- %WINDIR%\Config\install\x.mrc
- %WINDIR%\Config\install\hex.exe
- %WINDIR%\Config\install\mirc.ini
- %WINDIR%\Config\install\hook.bat
- %WINDIR%\Config\install\TMP2.$$$
- 'gm#.mine.nu':9000
- DNS ASK gm#.mine.nu
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''