Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{96DEABAC-7363-C118-EDD3-3F52EF011A69}] 'StubPath' = 'rsgsys.exe'
- <SYSTEM32>\reg.exe add hklm\SYSTEM\CurrentControlSet\Services\secdrv /v imagepath /t REG_EXPAND_SZ /d system32\DRIVERS\Secdrv.sys /f
- <SYSTEM32>\reg.exe add hklm\SYSTEM\CurrentControlSet\Services\secdrv /v imagepath /t REG_EXPAND_SZ /d system32\46172.tmp /f
- %WINDIR%\Installer\56481.msi
- <SYSTEM32>\rsgsys.exe
- <SYSTEM32>\dllcache\sswede3.dll
- %HOMEPATH%\49571.tmp
- %HOMEPATH%\Cookies\index32.dat
- %HOMEPATH%\Cookies\index32.dat
- <SYSTEM32>\46172.tmp
- 'go####.dinostrike.net':80
- DNS ASK go####.dinostrike.net
- '<IP-адрес в локальной сети>':1037