Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WinReg' = '<DRIVERS>\etc\svchost.exe'
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"<DRIVERS>\etc\svchost.exe"'
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"<DRIVERS>\etc\svchost.exe"'
- <DRIVERS>\etc\x.exe mIRC
- <DRIVERS>\etc\svchost.exe
- %WINDIR%\msagent\agentsvr.exe -Embedding
- <DRIVERS>\etc\win.com
- <DRIVERS>\etc\vir.exe
- <DRIVERS>\etc\win.exe
- <DRIVERS>\etc\TMP1.$$$
- <DRIVERS>\etc\x.exe
- <DRIVERS>\etc\svchost.exe
- <DRIVERS>\etc\mirc.ini
- <DRIVERS>\etc\id.exe
- <DRIVERS>\etc\reg.dll
- <DRIVERS>\etc\rundll.exe
- <DRIVERS>\etc\remote.ini
- <DRIVERS>\etc\TMP1.$$$
- 'os###.##.eu.undernet.org':6667
- DNS ASK Os###.##.EU.undernet.org
- ClassName: '' WindowName: 'mIRC'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''