Technical Information
- [<HKLM>\SOFTWARE\Classes\HaoZip.cpio\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.tbz2\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.lzma86\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.uue\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.001\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.rpm\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.7z\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.swm\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.cab\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.tgz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.arj\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.img\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.txz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.zipx\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.hzskin\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.alz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.xz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.isz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.ace\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.rar.split\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.sfxv\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.zip.split\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.tbz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.bz2\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.z\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.lzh\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.xpi\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.bz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.tar\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.zip\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.dmg\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.tpz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.gz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.deb\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.bzip2\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.taz\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.lha\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.lzma\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.xar\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.rar\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.wim\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.iso\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.gzip\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- [<HKLM>\SOFTWARE\Classes\HaoZip.hfs\shell\open\command] '' = '"%PROGRAM_FILES%\HaoZip\HaoZip.exe" "%1"'
- '%PROGRAM_FILES%\HaoZip\HaoZipLoader.exe' -statistics ;;K18;K01
- '%PROGRAM_FILES%\HaoZip\HaoZipUpdate.exe' -install
- '%PROGRAM_FILES%\HaoZip\HaoZipCD.exe' ld -am
- '<SYSTEM32>\2345haozip_k58347464.exe'
- '%PROGRAM_FILES%\HaoZip\HaoZipLoader.exe' -install02 0 5
- '%PROGRAM_FILES%\HaoZip\HaoZip.exe' --remove:
- '<SYSTEM32>\runonce.exe' -r
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- ClassName: 'pediy06' WindowName: ''
- %HOMEPATH%\Start Menu\Programs\好压\好压实用工具\批量字符替换.lnk
- %HOMEPATH%\Start Menu\Programs\好压\好压帮助指南.lnk
- %HOMEPATH%\Start Menu\Programs\好压\好压实用工具\虚拟光驱.lnk
- %HOMEPATH%\Start Menu\Programs\好压\好压实用工具\批量文件改名.lnk
- %HOMEPATH%\Start Menu\Programs\好压\好压版本升级.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压实用工具\MD5校验.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压实用工具\虚拟光驱.lnk
- %HOMEPATH%\Start Menu\Programs\好压\卸载好压.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压.lnk
- %HOMEPATH%\Start Menu\Programs\好压\好压实用工具\MD5校验.lnk
- %PROGRAM_FILES%\HaoZip\HaozipCD.dll
- %PROGRAM_FILES%\HaoZip\HaoZipVirtualCDBus.inf
- %PROGRAM_FILES%\HaoZip\HaoZipExt.dll
- %PROGRAM_FILES%\HaoZip\HaoZipCD.exe
- %PROGRAM_FILES%\HaoZip\HaoZipVirtualCDBus.sys
- %HOMEPATH%\Start Menu\好压.lnk
- %HOMEPATH%\Start Menu\Programs\好压\好压.lnk
- %PROGRAM_FILES%\HaoZip\haozipvirtualcdbus.cat
- %PROGRAM_FILES%\HaoZip\Uninstall.exe
- <DRIVERS>\HaoZipVirtualCDBus.sys
- <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT
- %TEMP%\nss3.tmp\nsDialogs.dll
- %PROGRAM_FILES%\HaoZip\config\HaoZipCD.hzc
- %WINDIR%\inf\oem3.inf
- %WINDIR%\Temp\OLD10.tmp
- <DRIVERS>\SET11.tmp
- %WINDIR%\inf\oem3.PNF
- %WINDIR%\LastGood\TMPF.tmp
- %PROGRAM_FILES%\HaoZip\config\HaoZip.ust
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压帮助指南.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压版本升级.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压实用工具\批量文件改名.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\好压实用工具\批量字符替换.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\好压\卸载好压.lnk
- %PROGRAM_FILES%\HaoZip\config\HaoZip.hzc
- %TEMP%\HZ~8.tmp
- %PROGRAM_FILES%\HaoZip\config\HaoZip.hzv
- %PROGRAM_FILES%\HaoZip\config\HaoZip.hzs
- %PROGRAM_FILES%\HaoZip\HaoZipLoader.exe
- %PROGRAM_FILES%\HaoZip\HaoZipRename.exe
- %PROGRAM_FILES%\HaoZip\HaoZipC.exe
- %PROGRAM_FILES%\HaoZip\HaoZipScan.exe
- %PROGRAM_FILES%\HaoZip\HaoZipReplace.exe
- %PROGRAM_FILES%\HaoZip\config\HaoZipLang.ini
- %PROGRAM_FILES%\HaoZip\HaoZip.chm
- %PROGRAM_FILES%\HaoZip\HaoZipMd5.exe
- %PROGRAM_FILES%\HaoZip\lang\HaoZipLang_chs.dll
- %PROGRAM_FILES%\HaoZip\HaoZipUpdate.exe
- %TEMP%\nsx2.tmp
- %TEMP%\nss3.tmp\FileInfo.dll
- <SYSTEM32>\2345haozip_k58347464.exe
- <SYSTEM32>\empty.exe
- %TEMP%\nss3.tmp\System.dll
- %TEMP%\nss3.tmp\HaoZipLogo_chs.bmp
- %PROGRAM_FILES%\HaoZip\HaoZip.exe
- <SYSTEM32>\bill.ini
- %TEMP%\nss3.tmp\modern-header.bmp
- %PROGRAM_FILES%\HaoZip\HaoZipEditor.dll
- %PROGRAM_FILES%\HaoZip\sfx\HaoZip7zCon.sfx
- %PROGRAM_FILES%\HaoZip\HaoZipCom.dll
- %PROGRAM_FILES%\HaoZip\UNACEV2.DLL
- %PROGRAM_FILES%\HaoZip\sfx\HaoZip7zSetup.sfx
- %PROGRAM_FILES%\HaoZip\skins\HaoZip.skn
- %PROGRAM_FILES%\HaoZip\skins\HaoZip.xml
- %PROGRAM_FILES%\HaoZip\HaoZipUI.dll
- %PROGRAM_FILES%\HaoZip\skins\HaoZip.dui
- %PROGRAM_FILES%\HaoZip\HaoZipFormats.dll
- %PROGRAM_FILES%\HaoZip\ZipNew.data
- %PROGRAM_FILES%\HaoZip\TarNew.data
- %PROGRAM_FILES%\HaoZip\2345好压免责声明.txt
- %PROGRAM_FILES%\HaoZip\7zNew.data
- %PROGRAM_FILES%\HaoZip\RarNew.data
- %PROGRAM_FILES%\HaoZip\HaoZipImage.dll
- %PROGRAM_FILES%\HaoZip\HaoZip.dll
- %PROGRAM_FILES%\HaoZip\Microsoft.VC80.CRT.manifest
- %PROGRAM_FILES%\HaoZip\msvcr80.dll
- <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT
- <DRIVERS>\HaoZipVirtualCDBus.sys
- %WINDIR%\Temp\OLD10.tmp
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- from <DRIVERS>\SET11.tmp to <DRIVERS>\HaoZipVirtualCDBus.sys
- from %WINDIR%\LastGood\TMPF.tmp to %WINDIR%\LastGood\system32\DRIVERS\HaoZipVirtualCDBus.sys
- from %TEMP%\HZ~8.tmp to %PROGRAM_FILES%\HaoZip\config\HaoZip.hzc
- 'up####.haozip.com':80
- 'www.so##.org':80
- www.so##.org/bd/yz.txt
- up####.haozip.com/
- DNS ASK up####.haozip.com
- DNS ASK www.so##.org
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '18467-41' WindowName: ''