Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\W32Time] 'Start' = '00000002'
- <SYSTEM32>\net1.exe stop W32Time
- <SYSTEM32>\net1.exe start W32Time
- <SYSTEM32>\rundll32.exe C:\HUAHUA.DLL StartRouter
- %WINDIR%\regedit.exe /s %WINDIR%\1.reg
- <SYSTEM32>\net.exe stop W32Time
- <SYSTEM32>\sc.exe config W32Time start= auto
- %WINDIR%\1.reg
- C:\1.dll
- %PROGRAM_FILES%\XX.ini
- C:\HUAHUA.DLL
- %WINDIR%\1.reg
- 'qq#####5829.3322.org':8880
- DNS ASK qq#####5829.3322.org
- DNS ASK ti##.#indows.com
- 'ti##.#indows.com':123
- '<IP-адрес в локальной сети>':123
- ClassName: 'RegEdit_RegEdit' WindowName: ''