Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WindowsU' = '<SYSTEM32>\\svchoster.exe'
- <SYSTEM32>\svchoster.exe
- %WINDIR%\msagent\agentsvr.exe -Embedding
- <SYSTEM32>\mdx.dll
- <SYSTEM32>\svchoster.exe
- <SYSTEM32>\nicklist.dll
- <SYSTEM32>\moo.dll
- <SYSTEM32>\remote.ini
- <SYSTEM32>\aliases.ini
- <SYSTEM32>\nicks.txt
- <SYSTEM32>\mirc.ini
- <SYSTEM32>\control.ini
- 'ow##.##rom-nwar.info':6667
- 'ow##.ircmax.net':6667
- DNS ASK ow##.##rom-nwar.info
- DNS ASK ow##.ircmax.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''