Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Имя вируса>' = '<Полный путь к вирусу>'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\sc.exe' stop sharedaccess
- ClassName: 'TXGuiFoundation' WindowName: '电脑管家'
- ClassName: 'TXGuiFoundation' WindowName: '????'
- ClassName: 'TXGuiFoundation' WindowName: '电脑管家:开机时间'
- ClassName: 'TXGuiFoundation' WindowName: '????:????'
- ClassName: 'TXGuiFoundation' WindowName: '小火箭通用加速'
- ClassName: 'TXGuiFoundation' WindowName: '???????'
- ClassName: 'TXGuiFoundation' WindowName: '电脑管家 - 软件管理'
- ClassName: 'TXGuiFoundation' WindowName: '???? - ????'
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- ClassName: '#32770 (???)' WindowName: 'KaKa Player'
- ClassName: 'BDMTips' WindowName: 'BDMTrayTipWnd'
- ClassName: 'BDMSusFrame' WindowName: 'SusWnd'
- ClassName: '#32770 (对话框)' WindowName: 'KaKa Player'
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- ClassName: 'Syspager' WindowName: ''