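Техническая информация
Примечание: подзаголовки разделов в этом фрагменте не сохранились. Судя по виду записей, ниже по порядку идут: командные строки запускаемых процессов, пути файлов (создаются они или удаляются, из фрагмента не видно), сетевые адреса с портами, HTTP-запросы, DNS-запросы и пары ClassName/WindowName окон. Символы «#» в именах узлов и адресах — по-видимому, маскировка, а не часть значения; в правилах обнаружения такие записи можно использовать только после сверки с полными значениями из исходного отчёта.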
- '<SYSTEM32>\mainprocheck.exe'
- '<SYSTEM32>\MainPro.exe'
- '<SYSTEM32>\sc.exe' config winmgmt start= demand
- '<SYSTEM32>\sc.exe' start winmgmt
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\MSWINSCK.OCX"
- '<SYSTEM32>\cacls.exe' "%PROGRAM_FILES%\E-yoo\EyooSechelper2.dll" /e /d everyone
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\GameList[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\server[1].txt
- %TEMP%\~DFA561tmp
- <SYSTEM32>\MSWINSCK.OCX
- <SYSTEM32>\mainprocheck.exe
- <SYSTEM32>\MainPro.exe
- %TEMP%\~DF08A3.TMP
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\GameList[1].html
- 'co###.cnk.com.cn':80
- 'up####.guokui.net':80
- 'up####.cnk.com.cn':80
- 'localhost':1038
- up####.guokui.net/count/server.txt
- up####.cnk.com.cn/GameList.html
- DNS ASK up####.woai310.com
- DNS ASK k.###uya.com
- DNS ASK up####.guokui.net
- DNS ASK up.##ngzhua.net
- DNS ASK up####.cnk.com.cn
- DNS ASK ur#.#nk.com.cn
- DNS ASK ad####.dnsorg.net
- DNS ASK co###.cnk.com.cn
- '10.##5.255.255':26010
- ClassName: '(null)' WindowName: 'AnnexPro'
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'