Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'WebCheck' = '{E6FB5E20-DE35-11CF-9C87-00AA005127ED}'
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\_print_me] 'Name' = '%TEMP%\msreakdbg16.dll'
- <SYSTEM32>\spoolsv.exe
- iexplore.exe
- <SYSTEM32>\msreakdbg16.dll
- %WINDIR%\Temp\~01DB9F.tmp
- %TEMP%\msreakdbg16.dll
- '17#.#62.136.25':80