Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\Session Manager] 'BootExecute' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GlobalFlagimglog' = '<SYSTEM32>\imglog.exe'
- <SYSTEM32>\winlogon.exe
- %TEMP%\History\History.IE5\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\K16BK9UN\desktop.ini
- <SYSTEM32>\imglog.exe
- %WINDIR%\ponto.DLL
- %TEMP%\Temporary Internet Files\Content.IE5\Y7O1E9AZ\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\H8DB6PQZ\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\0PB7KJVG\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\Y7O1E9AZ\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\K16BK9UN\desktop.ini
- %TEMP%\History\History.IE5\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\0PB7KJVG\desktop.ini
- %TEMP%\Temporary Internet Files\Content.IE5\H8DB6PQZ\desktop.ini
- 'sm##.#utopia.com.br':25
- 'pr####.ircgalaxy.pl':80
- DNS ASK sm##.#utopia.com.br
- DNS ASK pr####.ircgalaxy.pl
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'