Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\OpenFastAssist] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\OpenFastAssist] 'ImagePath' = '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\OpenFastAssist.exe'
- %TEMP%\RarSFX0\JSKP.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\img_main.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\dlg_close.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\del.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\checkbox2_uncheck.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\checkbox2_check.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\bk_login.jpg
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\arrow_normal_sel.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\arrow_normal_normal.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\arrow_normal.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\arrow_expand_sel.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\arrow_expand_normal.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\arrow_down.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\LOGO.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж).exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\msvcr90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\msvcp90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\msvcm90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\mfcm90u.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\mfc90u.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\UIBaseX.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\Microsoft.VC90.MFC.manifest
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\Microsoft.VC90.CRT.manifest
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\Microsoft.VC90.ATL.manifest
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\img_qrmain.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\menu_check.png
- %TEMP%\nsd2.tmp\ns3.tmp
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\msgbox_error.png
- %TEMP%\nsd2.tmp\nsExec.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\uninst.exe
- %HOMEPATH%\Start Menu\Programs\ЕµЕµ\ј«ЛЩїЄЖ±\Р¶ФШ.lnk
- %HOMEPATH%\Desktop\ј«ЛЩїЄЖ±.lnk
- %HOMEPATH%\Start Menu\Programs\ЕµЕµ\ј«ЛЩїЄЖ±\ј«ЛЩїЄЖ±.lnk
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\protect\PProtect64.sys
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\protect\PProtect32.sys
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Template\ZhiPiao_info.xml
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\com\com1002win64.reg
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\com\com1002win32.reg
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\com\com1002.tlb
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\com\com1002.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\winbtn_normal.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\winbtn_move.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\winbtn_down.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\warn.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\track_btn.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\skin_scrollbar.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\sendbtn_arrow.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\radio_button.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\msgbox_warn.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\msgbox_question.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\msgbox_info.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\adb\asn.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Л°Ос·ўЖ±ЦъКЦ2.0(PC°ж)\res\Image\login_btn.png
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\adb\adb.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\KpInfoWrite.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\PubUploadDataToHBase.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\IXwReadJspData.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\GoodsCategoryCode.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ReadInterface.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ReadData.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\atl90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\FastInvoice.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\FastInvoiceAssist.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\FastInvoice.ico
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\mfc90u.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\mfcm90u.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Microsoft.VC90.ATL.manifest
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Microsoft.VC90.CRT.manifest
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Microsoft.VC90.MFC.manifest
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\msvcm90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\msvcp90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\msvcr90.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\sqlite3.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Update.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\update_bak.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ver.config
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ј«ЛЩїЄЖ±.exe
- %TEMP%\nsd2.tmp\KillProcDLL.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ResDll.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKPAutoSetup.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\adb\AdbWinApi.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\FindKpSoft.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\push\nnpush.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\NNProtect.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ConnectCore.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKP_Xml.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\kpsoft.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\QympNewGuide.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\QympEditGuide.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\UpdateDescripFile.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\UpdateDescription.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\XxTs.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\MessageManage.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\MessageAdapter.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\AutoFill.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\UnInstallDll.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\libxl.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\OpenFastAssist.exe
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\NetModule.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\NuoNuoCryp.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\utility.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKP_Http.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKP_SMKP.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKP_Qqkp.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKP_Card.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\adb\AdbWinUsbApi.dll
- %ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\Log\NNProtect_20181218.log
- %TEMP%\nsd2.tmp\ns3.tmp
- %TEMP%\nsd2.tmp\KillProcDLL.dll
- %TEMP%\nsd2.tmp\nsExec.dll
- 'up####.jss.com.cn':80
- http://up####.jss.com.cn/interfaceCtr/version.do?ve#################################
- DNS ASK up####.jss.com.cn
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\RarSFX0\JSKP.exe' /S /D
- '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\JSKPAutoSetup.exe' SW_SHOWNORMAL
- '%TEMP%\nsd2.tmp\ns3.tmp' "%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\OpenFastAssist.exe" "-install"
- '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\OpenFastAssist.exe' "-install"
- '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\OpenFastAssist.exe'
- '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\UpdateDescription.exe' -UpdateDescrip
- '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\ј«ЛЩїЄЖ±.exe' SW_SHOWNORMAL
- '%ProgramFiles%\ЕµЕµ\ј«ЛЩїЄЖ±\NNProtect.exe' -Protect