Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '清理垃圾' = '"rundll32.exe %PROGRAM_FILES%\TheLife\life_878.tmp StartRouter"'
- %WINDIR%\regedit.exe /s %WINDIR%\help\life.reg
- <SYSTEM32>\rundll32.exe "%PROGRAM_FILES%\TheLife\life_878.tmp"StartRouter
- %WINDIR%\Help\life.reg
- %PROGRAM_FILES%\TheLife\life_878.tmp
- 'xq##.3322.org':5533
- DNS ASK xq##.3322.org
- '<IP-адрес в локальной сети>':1037
- ClassName: 'RegEdit_RegEdit' WindowName: ''