Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'Options3' = 'rdatdll5.'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'System Servicet' = 'rdatdll5.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'Options3' = ''
- '<SYSTEM32>\wndscsy.exe' a
- <SYSTEM32>\netstsys.exe
- <SYSTEM32>\lkavs3d.exe
- <SYSTEM32>\wndscsy.exe
- <SYSTEM32>\rdatdll5.exe
- <SYSTEM32>\netstsys.exe
- <SYSTEM32>\lkavs3d.exe
- <SYSTEM32>\wndscsy.exe
- <SYSTEM32>\rdatdll5.exe
- <SYSTEM32>\netstsys.exe
- <SYSTEM32>\lkavs3d.exe
- <SYSTEM32>\wndscsy.exe
- <SYSTEM32>\rdatdll5.exe
- 'www.le####oflions.com':80
- 'www.an###take.com':80
- www.le####oflions.com/member.php?u=####
- www.an###take.com/forums/members/nince_love.html
- DNS ASK www.le####oflions.com
- DNS ASK www.an###take.com