Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WinReg' = '<DRIVERS>\etc\svchost.exe'
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"<DRIVERS>\etc\svchost.exe"'
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"<DRIVERS>\etc\svchost.exe"'
- '<DRIVERS>\etc\x.exe' mIRC
- '<DRIVERS>\etc\svchost.exe'
- '%WINDIR%\msagent\agentsvr.exe' -Embedding
- <DRIVERS>\etc\win.com
- <DRIVERS>\etc\vir.exe
- <DRIVERS>\etc\win.exe
- <DRIVERS>\etc\TMP1.$$$
- <DRIVERS>\etc\x.exe
- <DRIVERS>\etc\svchost.exe
- <DRIVERS>\etc\mirc.ini
- <DRIVERS>\etc\id.exe
- <DRIVERS>\etc\reg.dll
- <DRIVERS>\etc\rundll.exe
- <DRIVERS>\etc\remote.ini
- <DRIVERS>\etc\TMP1.$$$
- 'us.##dernet.org':6667
- 'os###.##.eu.undernet.org':6667
- DNS ASK us.##dernet.org
- DNS ASK Os###.##.EU.undernet.org
- ClassName: '(null)' WindowName: 'mIRC'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'