Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'XiaoHua100' = '"%PROGRAM_FILES%\xiaohua100\xiaohua2013052917.exe" /A'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%PROGRAM_FILES%\xiaohua100\xiaohua2013052917.exe' = '%PROGRAM_FILES%\xiaohua100\xiaohua2013052917.exe:*:Enabled:Р¦»°100'
- '%PROGRAM_FILES%\xiaohua100\xiaohua2013052917.exe' /ShowCfg
- %HOMEPATH%\AppData\LocalLow\XiaoHua100\btn3.png
- %HOMEPATH%\AppData\LocalLow\XiaoHua100\btns.js
- %HOMEPATH%\AppData\LocalLow\XiaoHua100\btn1.png
- %HOMEPATH%\AppData\LocalLow\XiaoHua100\btn2.png
- %ALLUSERSPROFILE%\Start Menu\Programs\Р¦»°100\Р¶ФШР¦»°100.lnk
- %ALLUSERSPROFILE%\Desktop\Р¦»°100.lnk
- %PROGRAM_FILES%\xiaohua100\uninst.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\Р¦»°100\Р¦»°100.lnk
- %PROGRAM_FILES%\xiaohua100\aa.bmp
- %TEMP%\nsh3.tmp\services.dll
- %TEMP%\nsh3.tmp\KillProcDLL.dll
- %TEMP%\nsr2.tmp
- %TEMP%\nsh3.tmp\System.dll
- %PROGRAM_FILES%\xiaohua100\XHUpdate.exe
- %PROGRAM_FILES%\xiaohua100\xiaohuadesk.exe
- %PROGRAM_FILES%\xiaohua100\xiaohua2013052917.exe
- %PROGRAM_FILES%\xiaohua100\xiaohuasvr2013052917.exe
- %TEMP%\nsh3.tmp\System.dll
- %TEMP%\nsh3.tmp\services.dll
- %TEMP%\nsh3.tmp\KillProcDLL.dll
- ClassName: 'Shell_TrayWnd' WindowName: ''