Technical Information
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] '<File name>' = '<Full path to file>'
- ClassName: 'TXGuiFoundation', WindowName: '小火箭通用加速'
- ClassName: 'TXGuiFoundation', WindowName: '电脑管家 - 软件管理'
- ClassName: 'TXGuiFoundation', WindowName: '电脑管家'
- ClassName: 'TXGuiFoundation', WindowName: '电脑管家:开机时间'
- 'c.###cn8.com':80
- http://c.###cn8.com/test/WebServ.txt
- DNS ASK c.###cn8.com
- ClassName: 'TrayNotifyWnd' WindowName: ''
- ClassName: 'Syspager' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- ClassName: 'NotifyIconOverflowWindow' WindowName: ''
- ClassName: 'BDMTips' WindowName: 'BDMTrayTipWnd'
- ClassName: '#32770 (对话框)' WindowName: 'KaKa Player'
- ClassName: 'BDMSusFrame' WindowName: 'SusWnd'
- '%WINDIR%\syswow64\sc.exe' stop sharedaccess' (with hidden window)
- '%WINDIR%\syswow64\sc.exe' stop sharedaccess