{"id":2051,"date":"2007-12-16T08:25:00","date_gmt":"2007-12-16T00:25:00","guid":{"rendered":"http:\/\/blog.pmail.idv.tw\/?p=2051"},"modified":"2007-12-16T08:25:00","modified_gmt":"2007-12-16T00:25:00","slug":"troj_agent-ahau%e7%97%85%e6%af%92","status":"publish","type":"post","link":"https:\/\/blog.pmail.idv.tw\/?p=2051","title":{"rendered":"TROJ_AGENT.AHAU\u75c5\u6bd2"},"content":{"rendered":"<p>TROJ_AGENT.AHAU\u75c5\u6bd2<\/p>\n<p><a href=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2012\/04\/21-6.jpg\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"21-6\" border=\"0\" alt=\"21-6\" src=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2012\/04\/21-6_thumb.jpg\" width=\"244\" height=\"217\"><\/a><\/p>\n<p><!--more--><\/p>\n<p>\u4e2d\u6bd2\u6a94\u6848 c:windowssystem32winupdate.exe<br \/>\u89e3\u6c7a\u65b9\u6cd5<br \/>1.\u5b89\u5168\u6a21\u5f0f\u522a\u9664 c:windowssystem32winupdate.exe<br \/>2.\u522a\u9664\u767b\u9304\u6a94<br \/>HKEY_CURRENT_USERSoftwareMicrosoftWindowsShellNoRoamMUICache <\/p>\n<p><a href=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2012\/04\/21-7.jpg\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"21-7\" border=\"0\" alt=\"21-7\" src=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2012\/04\/21-7_thumb.jpg\" width=\"244\" height=\"43\"><\/a> <\/p>\n<p>HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon\u4e2d\u7684shell\u5b57\u4e32\u503c <\/p>\n<p><a href=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2012\/04\/21-8.jpg\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"21-8\" border=\"0\" alt=\"21-8\" src=\"https:\/\/blog.pmail.idv.tw\/wp-content\/uploads\/2012\/04\/21-8_thumb.jpg\" width=\"244\" height=\"50\"><\/a> <\/p>\n<p>3.\u66f4\u65b0\u75c5\u6bd2\u5230\u6700\u65b0\u5b8c\u6574\u6383\u6bd2\u4e00\u6b21<\/p>\n<div class=\"21cd169d3c0f71e95b84db320302cb4a\" data-index=\"1\" style=\"float: right; margin:10px 0 10px 10px;\">\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-8711325745898650\"\r\n     crossorigin=\"anonymous\"><\/script>\n<\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>TROJ_AGENT.AHAU\u75c5\u6bd2<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[40],"tags":[],"class_list":["post-2051","post","type-post","status-publish","format-standard","hentry","category-40"],"_links":{"self":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/2051","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2051"}],"version-history":[{"count":0,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=\/wp\/v2\/posts\/2051\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2051"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2051"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.pmail.idv.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2051"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}