Техническая информация
- [<HKLM>\SOFTWARE\Classes\InternetShortcut\shell\open\command] '' = 'rundll32.exe shdocvw.dll,OpenURL %l'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '系统还原必须' = '%PROGRAM_FILES%\home\gho.exe'
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 3
- %HOMEPATH%\Favorites\搜狗一下-你就知道.url
- %TEMP%\aut3.tmp
- %PROGRAM_FILES%\winzip\daohang.exe
- %HOMEPATH%\Favorites\U卫士启动盘.url
- %HOMEPATH%\Favorites\330la在线小游戏.url
- %HOMEPATH%\Favorites\26176小游戏.url
- %HOMEPATH%\Desktop\网址导航.lnk
- %TEMP%\aut5.tmp
- %PROGRAM_FILES%\winzip\youxi.exe
- %HOMEPATH%\Desktop\4399小游戏.lnk
- %TEMP%\aut4.tmp
- %PROGRAM_FILES%\winzip\taowbaosc.exe
- %HOMEPATH%\Desktop\淘宝商城.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\网址导航.url
- %HOMEPATH%\Favorites\win8电脑系统下载.url
- %HOMEPATH%\Favorites\52xp win7系统下载.url
- %TEMP%\aut1.tmp
- %PROGRAM_FILES%\home\gho.exe
- %TEMP%\aut2.tmp
- %HOMEPATH%\Favorites\115118.net绿色网址之家.url
- %HOMEPATH%\Favorites\xtxz安卓手机系统下载.url
- %HOMEPATH%\Favorites\win860启动光盘 下载站.url
- %HOMEPATH%\Favorites\淘宝网-淘!我喜欢.url
- %HOMEPATH%\Favorites\趣卓手机系统之家.url
- %HOMEPATH%\Favorites\百度一下-你就知道.url
- %HOMEPATH%\Favorites\uc880单机游戏 下载基地.url
- %TEMP%\aut4.tmp
- %TEMP%\aut5.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'