Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'QQDisabled<Имя файла>' = '<Полный путь к файлу>'
- '<SYSTEM32>\taskkill.exe' /f /im explorer.exe
- %WINDIR%\Explorer.EXE
- '12#.#25.114.144':443
- 'localhost':1038
- DNS ASK ba###.baidu.com
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: '' WindowName: ''
- '<SYSTEM32>\rundll32.exe' fldrclnr.dll,Wizard_RunDLL
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\cmd.exe' /c taskkill /f /im explorer.exe & %WINDIR%\explorer.exe