Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'WebCheck' = '{E6FB5E20-DE35-11CF-9C87-00AA005127ED}'
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\_print_me] 'Name' = '%TEMP%\lkkusodbg16.dll'
- <SYSTEM32>\spoolsv.exe
- iexplore.exe
- intpro.exe
- %TEMP%\user32.dll
- %TEMP%\secur32.dll
- %TEMP%\kernel32.dll
- %TEMP%\lkkusodbg16.dll
- %WINDIR%\Temp\~01DB9F.tmp
- <SYSTEM32>\lkkusodbg16.dll
- %TEMP%\kernel32.dll
- %TEMP%\secur32.dll
- %TEMP%\user32.dll
- 'lo#####ort-conect.net':80
- DNS ASK lo#####ort-conect.net
- ClassName: 'SysPager' WindowName: '(null)'
- ClassName: 'ToolbarWindow32' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'TrayNotifyWnd' WindowName: '(null)'