Техническая информация
- [<HKLM>\SOFTWARE\Classes\wcyfile\Shell\Open\Command] '' = '%SystemRoot%\System32\WScript.exe "%1" %*'
- [<HKLM>\SOFTWARE\Classes\cysfile\shell\open\command] '' = 'WScript.exe "%WINDIR%\pipiCache.wmy" "%1"'
- '%PROGRAM_FILES%\F04AA3F2\xunleiThuen.exe' 7000
- '%PROGRAM_FILES%\F04AA3F2\coopen_setup_45703.exe'
- %PROGRAM_FILES%\Internet Explorer\MUI\iexplore.exe
- %WINDIR%\newicon.ico
- %WINDIR%\pipiCache.wmy
- %PROGRAM_FILES%\F04AA3F2\xunleiThuen.exe
- <SYSTEM32>\taobao.ico
- %PROGRAM_FILES%\Internet Explorer\SIGNUP\iexplore.exe
- %TEMP%\nsi3.tmp\modern-wizard.bmp
- %TEMP%\nst2.tmp
- %PROGRAM_FILES%\F04AA3F2\coopen_setup_45703.exe
- C:\A78F2B2F.log
- %TEMP%\nsi3.tmp\ioSpecial.ini
- C:\CCPMachineInfo.dll
- %TEMP%\nsi3.tmp\System.dll
- %WINDIR%\pipiCache.wmy
- 'www.su###anla.cn':80
- 'localhost':1036
- www.su###anla.cn/newad.html?78##
- DNS ASK www.su###anla.cn
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'progman' WindowName: 'Program Manager'
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''