Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = '<SYSTEM32>\dll\Nvidia.exe'
- [<HKLM>\SOFTWARE\Classes\irc\Shell\open\command] '' = '"<SYSTEM32>\dll\Nvidia.exe" -noconnect'
- [<HKLM>\SOFTWARE\Classes\ChatFile\Shell\open\command] '' = '"<SYSTEM32>\dll\Nvidia.exe" -noconnect'
- '<SYSTEM32>\dll\hex.exe' "mIRC DB" /hide
- '<SYSTEM32>\dll\Nvidia.exe'
- '%WINDIR%\msagent\agentsvr.exe' -Embedding
- <SYSTEM32>\dll\remote.ini
- <SYSTEM32>\dll\flood.txt
- <SYSTEM32>\dll\mirc.ini
- <SYSTEM32>\dll\regedit
- <SYSTEM32>\dll\comenzi.ini
- <SYSTEM32>\dll\ID.TXT
- <SYSTEM32>\dll\Nvidia.exe
- <SYSTEM32>\dll\hex.exe
- <SYSTEM32>\dll\mirc.GID
- <SYSTEM32>\dll\nicks.txt
- <SYSTEM32>\dll\reclama.txt
- <SYSTEM32>\dll\flood.txt
- <SYSTEM32>\dll\ID.TXT
- <SYSTEM32>\dll\remote.ini
- <SYSTEM32>\dll\comenzi.ini
- <SYSTEM32>\dll\mirc.ini
- <SYSTEM32>\dll\Nvidia.exe
- <SYSTEM32>\dll\hex.exe
- <SYSTEM32>\dll\mirc.GID
- <SYSTEM32>\dll\nicks.txt
- <SYSTEM32>\dll\reclama.txt
- 'za####.#r.eu.undernet.org':6667
- DNS ASK za####.#r.eu.undernet.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''