Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'sysDrive' = '%WINDIR%\javaa\service.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'system' = '<SYSTEM32>\system\windowss.exe'
- <Drive name for removable media>:\Rina_Rudy_Luph_You_Banged.exe
- <Drive name for removable media>:\Jatimcrew Under Cover\Rina_Rudy_Luph_You_Banged.exe
- C:\Rina_Rudy_Luph_You_Banged.exe
- %WINDIR%\javaa\service.exe
- <SYSTEM32>\system\windowss.exe
- C:\Jatimcrew Under Cover\Rina_Rudy_Luph_You_Banged.exe