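Technical Information
The entries below appear without section labels. In order, they are: command lines, file paths, one file move, host:port endpoints, URLs, DNS queries, and window class/name pairs. Host names containing '#' appear to be partially masked.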
- '%PROGRAM_FILES%\hahagame1\ie1.exe'
- '%PROGRAM_FILES%\Baidu\Toolbar\BarBroker.exe' -RegServer
- '%PROGRAM_FILES%\hahagame1\GameClient.exe'
- '%PROGRAM_FILES%\hahagame1\FlashGames.exe'
- '%PROGRAM_FILES%\hahagame1\kkll456.exe'
- '%WINDIR%\regedit.exe' /s "%PROGRAM_FILES%\hahagame1\QQMain.reg"
- %PROGRAM_FILES%\Baidu\Toolbar\BaiduBarX_Tmp\BaiduBarX.dll
- %PROGRAM_FILES%\hahagame1\theworld.ac
- %TEMP%\nsm2.tmp
- %PROGRAM_FILES%\Baidu\Toolbar\BarBroker.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\屏蔽列表.url
- %PROGRAM_FILES%\Baidu\Toolbar\BaiduBarX.dll
- %PROGRAM_FILES%\Baidu\Toolbar\rc.dll
- %PROGRAM_FILES%\hahagame1\ClientUpdate.exe
- %PROGRAM_FILES%\hahagame1\count.htm
- %PROGRAM_FILES%\hahagame1\chis.ini
- %PROGRAM_FILES%\hahagame1\chs.dll
- %PROGRAM_FILES%\hahagame1\FlashGames.exe
- %PROGRAM_FILES%\hahagame1\GameClient.exe
- %PROGRAM_FILES%\hahagame1\dailytips.ini
- %PROGRAM_FILES%\hahagame1\flash.mdb
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\伴侣导航.url
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hahaa[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\left_tree[1].asp
- %PROGRAM_FILES%\hahagame1\QQMain.reg
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\卸载百度工具栏.lnk
- %APPDATA%\Baidu\Toolbar\logex.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\hahac[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\remen[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\sort[1].asp
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\垃圾清理.url
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\修复功能.url
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\帮助指南.url
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\广告拦截.url
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\自定义按钮.url
- %PROGRAM_FILES%\hahagame1\twcache.ini
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\隐私保护.url
- %ALLUSERSPROFILE%\Start Menu\Programs\百度工具栏\个性化首页.url
- %PROGRAM_FILES%\hahagame1\Skins\青葱岁月.asz
- %PROGRAM_FILES%\hahagame1\ImgCache\www.2548.cn_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.51.la_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\Thumbs.db
- %PROGRAM_FILES%\hahagame1\ImgCache\www.231wg.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.ayxz.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.baidu.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.95599.cn_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.alimama.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\oem.ini
- %PROGRAM_FILES%\hahagame1\reopen.dll
- %PROGRAM_FILES%\hahagame1\ie1.exe
- %PROGRAM_FILES%\hahagame1\ie1.ini
- %PROGRAM_FILES%\hahagame1\kkll456.exe
- %PROGRAM_FILES%\hahagame1\ImgCache\easyabc.95599.cn_favicon.ico
- %PROGRAM_FILES%\hahagame1\setup.dll
- %PROGRAM_FILES%\hahagame1\uninst.exe
- %PROGRAM_FILES%\hahagame1\ImgCache\www.go2000.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\Skins\怀旧木纹.asz
- %PROGRAM_FILES%\hahagame1\Skins\灰色轨迹.asz
- %PROGRAM_FILES%\hahagame1\Skins\兰色沉思.asz
- %PROGRAM_FILES%\hahagame1\Skins\冬季恋歌.asz
- %PROGRAM_FILES%\hahagame1\Skins\金属之美.asz
- %PROGRAM_FILES%\hahagame1\Skins\金色年华.asz
- %PROGRAM_FILES%\hahagame1\Skins\简约之美.asz
- %PROGRAM_FILES%\hahagame1\Skins\蔚蓝天际.asz
- %PROGRAM_FILES%\hahagame1\ImgCache\www.hao123.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.ioage.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.google.com.hk_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.google.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\Skins\Office2003.asz
- %PROGRAM_FILES%\hahagame1\Skins\Office2007.asz
- %PROGRAM_FILES%\hahagame1\ImgCache\www.taobao.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\ImgCache\www.tqqa.com_favicon.ico
- %PROGRAM_FILES%\hahagame1\twcache.ini
- %PROGRAM_FILES%\hahagame1\theworld.ac
- %PROGRAM_FILES%\hahagame1\ImgCache\Thumbs.db
- %TEMP%\~DF5E60.tmp
- %PROGRAM_FILES%\hahagame1\QQMain.reg
- %PROGRAM_FILES%\hahagame1\ie1.ini
- moved from %PROGRAM_FILES%\hahagame1\ie1.ini.tmp to %PROGRAM_FILES%\hahagame1\ie1.ini
- 'www.ha###ouxi.com':80
- 'localhost':1043
- 'localhost':1035
- 'localhost':1039
- www.ha###ouxi.com/flashgame/flashgamecount/sort.asp
- www.ha###ouxi.com/FlashGame/FlashGameCount/update/version.txt
- www.ha###ouxi.com/hahac.htm
- www.ha###ouxi.com/hahaa.htm
- www.ha###ouxi.com/FlashGame/FlashGameCount/left_tree.asp
- www.ha###ouxi.com/flashgame/flashgamecount/remen.htm
- DNS ASK ba#.#aidu.com
- DNS ASK www.io##e.com
- DNS ASK to####r.baidu.com
- DNS ASK www.ha###ouxi.com
- DNS ASK www.on##.com
- ClassName: '' WindowName: '(null)'
- ClassName: 'WorkerW' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: 'ReBarWindow32' WindowName: '(null)'
- ClassName: 'ComboBox' WindowName: '(null)'
- ClassName: 'Internet Explorer_Server' WindowName: '(null)'
- ClassName: 'ComboBoxEx32' WindowName: '(null)'
- ClassName: 'ToolbarWindow32' WindowName: '(null)'
- ClassName: 'SHELLDLL_DefView' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell DocObject View' WindowName: '(null)'
- ClassName: 'Progman' WindowName: '(null)'
- ClassName: 'XFrame_Wnd' WindowName: '(null)'
- ClassName: 'Shell Embedding' WindowName: '(null)'