Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'WebCheck' = '{E6FB5E20-DE35-11CF-9C87-00AA005127ED}'
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\_print_me] 'Name' = '"%TEMP%\lksoakkav32.dll"'
- <SYSTEM32>\spoolsv.exe
- iexplore.exe
- <SYSTEM32>\lksoakkav32.dll
- %WINDIR%\Temp\~01DB9F.tmp
- %TEMP%\lksoakkav32.dll
- 'lo#####ort-conect.net':80
- lo#####ort-conect.net/test/page2.php?id############################
- DNS ASK lo#####ort-conect.net
- '<IP-адрес в локальной сети>':1034