Техническая информация
- [<HKLM>\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] 'PackedCatalogItem' = '{43,3a,5c,57,69,6e,64,6f,77,73,5c,73,79,73,74,65,6d,33,32,5c...
- [<HKLM>\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] 'PackedCatalogItem' = '{43,3a,5c,57,69,6e,64,6f,77,73,5c,73,79,73,74,65,6d,33,32,5c...
- [<HKLM>\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003] 'PackedCatalogItem' = '{43,3a,5c,57,69,6e,64,6f,77,73,5c,73,79,73,74,65,6d,33,32,5c...
- [<HKLM>\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008] 'PackedCatalogItem' = '{43,3a,5c,57,69,6e,64,6f,77,73,5c,73,79,73,74,65,6d,33,32,5c...
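- [<HKLM>\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010] 'PackedCatalogItem' = '{43,3a,5c,57,69,6e,64,6f,77,73,5c,73,79,73,74,65,6d,33,32,5c...
  (Примечание: видимое начало значений PackedCatalogItem — байты 43,3a,5c,…,33,32,5c — это ASCII-строка «C:\Windows\system32\». Остаток значений обрезан («...»), поэтому имя библиотеки поставщика по этим строкам установить нельзя. Ключи Catalog_Entries в Protocol_Catalog9 — это каталог транспортных поставщиков Winsock, куда встраиваются и LSP; при разборе инцидента полный каталог стоит сверить, например, выводом `netsh winsock show catalog`.)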
- %TEMP%\read\krnln.fnr
- %TEMP%\read\iext2.fne
- %TEMP%\read\eapi.fne
- %TEMP%\read\dp1.fne
- %TEMP%\read\spec.fne
- %TEMP%\read\iext3.fne
- %TEMP%\read\iext5.fne
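- %TEMP%\read\enetintercept.fne
  (Примечание: файлы с расширениями .fnr/.fne, включая krnln.fnr, — библиотеки поддержки среды «Easy Programming Language» (易语言). Они встречаются и в легитимных программах, поэтому сами по себе являются слабым индикатором и должны оцениваться вместе с остальными признаками из этого списка.)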
- <Текущая директория>\espi11.dll
- %WINDIR%\syswow64\espi11.dll
- 'mp.###xin.qq.com':80
- 'mp.###xin.qq.com':443
- http://mp.###xin.qq.com/s/Tu6Tgza5xMQze14Qj0I7bg
- 'mp.###xin.qq.com':443
- DNS ASK mp.###xin.qq.com
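- ClassName: 'WeChatMainWndForPC' WindowName: 'Î¢ÐÅ' (по-видимому, это байты CE A2 D0 C5 в кодировке GBK, то есть «微信» — WeChat; исходная строка искажена при перекодировке)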
- ClassName: 'WeChatLoginWndForPC' WindowName: '怬'