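Technical Information
Note: the entries below are, in order, registry values, a service entry, file paths, network endpoints (host:port pairs, HTTP URLs, DNS queries) and process command lines. '#' masks characters in host names, IP addresses and URL parameters, and a trailing '...' marks a truncated value, so those entries are partial and cannot be matched verbatim. The non-ASCII shortcut names (.url/.lnk) are mis-encoded in this listing. The service 'Start' value '00000002' is the automatic-start setting, i.e. the service is configured to run at boot.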
- [HKLM\Software\Classes\pingguo55room\shell\open\command] '' = '"%ProgramFiles(x86)%\pingguo55\pingguo55.exe" %1'
- [HKLM\System\CurrentControlSet\Services\GuaGua-Service] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\GuaGua-Service] 'ImagePath' = '%ProgramFiles(x86)%\pingguo55\ServiceClient.exe'
- 'GuaGua-Service' %ProgramFiles(x86)%\pingguo55\ServiceClient.exe
- %TEMP%\nsn64bc.tmp\system.dll
- %ProgramFiles(x86)%\pingguo55\skin\dice\5.png
- %ProgramFiles(x86)%\pingguo55\skin\dice\6.png
- %ProgramFiles(x86)%\pingguo55\skin\dice\dice.gif
- %ProgramFiles(x86)%\pingguo55\skin\fingerguessing\0.png
- %ProgramFiles(x86)%\pingguo55\skin\fingerguessing\1.png
- %ProgramFiles(x86)%\pingguo55\skin\fingerguessing\2.png
- %ProgramFiles(x86)%\pingguo55\skin\fingerguessing\fingerguessing.gif
- %ProgramFiles(x86)%\pingguo55\data\commonconfig.ini
- %ProgramFiles(x86)%\pingguo55\data\oemcfgu.dat
- %ProgramFiles(x86)%\pingguo55\data\svraddr000.dat
- %ProgramFiles(x86)%\pingguo55\data\update.dat
- %ProgramFiles(x86)%\pingguo55\data\common.dat
- %ProgramFiles(x86)%\pingguo55\data\quicksign.swf
- %ProgramFiles(x86)%\pingguo55\data\html\signloading.html
- %ProgramFiles(x86)%\pingguo55\data\html\css\news.css
- %ProgramFiles(x86)%\pingguo55\data\html\game\index.html
- %ProgramFiles(x86)%\pingguo55\data\html\game\images\car.png
- %ProgramFiles(x86)%\pingguo55\data\html\game\images\fruit.png
- %ProgramFiles(x86)%\pingguo55\data\html\game\images\niu.png
- %ProgramFiles(x86)%\pingguo55\data\html\game\images\qidai.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\aa.png
- %ProgramFiles(x86)%\pingguo55\skin\dice\4.png
- %ProgramFiles(x86)%\pingguo55\skin\mercuryupdateskin.ggs
- %ProgramFiles(x86)%\pingguo55\skin\dice\3.png
- %ProgramFiles(x86)%\pingguo55\skin\dice\1.png
- %ProgramFiles(x86)%\pingguo55\skin\systemnotify.gif
- %ProgramFiles(x86)%\pingguo55\skin\admin_msg.gif
- %ProgramFiles(x86)%\pingguo55\skin\agency.gif
- %ProgramFiles(x86)%\pingguo55\skin\room_broadcast.png
- %ProgramFiles(x86)%\pingguo55\skin\sys_msg.gif
- %ProgramFiles(x86)%\pingguo55\skin\welcome.gif
- %ProgramFiles(x86)%\pingguo55\skin\worldbugleicon.gif
- %ProgramFiles(x86)%\pingguo55\skin\loadhtml\jz_bbx.html
- %ProgramFiles(x86)%\pingguo55\skin\loadhtml\css\style.css
- %ProgramFiles(x86)%\pingguo55\skin\loadhtml\images\bj_2.jpg
- %ProgramFiles(x86)%\pingguo55\skin\loadhtml\images\jx_sm.gif
- %ProgramFiles(x86)%\pingguo55\skin\loadhtml\images\jz_icon.gif
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\left_c.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\left_h.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\left_n.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\middle_c.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\middle_h.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\middle_n.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\right_c.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\right_h.png
- %ProgramFiles(x86)%\pingguo55\skin\pvfloat\right_n.png
- %ProgramFiles(x86)%\pingguo55\skin\dice\2.png
- %ProgramFiles(x86)%\pingguo55\skin\roomnotify.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\bb.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\button_left.gif
- %ProgramFiles(x86)%\pingguo55\serviceclient.exe
- %ProgramFiles(x86)%\pingguo55\resideclient.exe
- %ProgramFiles(x86)%\pingguo55\ggole.dll
- %ProgramFiles(x86)%\pingguo55\mfc100u.dll
- %ProgramFiles(x86)%\pingguo55\msvcp100.dll
- %ProgramFiles(x86)%\pingguo55\msvcr100.dll
- %ProgramFiles(x86)%\pingguo55\msvcr71.dll
- %ProgramFiles(x86)%\pingguo55\mfc71u.dll
- %ProgramFiles(x86)%\pingguo55\msvcp71.dll
- %ProgramFiles(x86)%\pingguo55\chatroom\data\smallred.swf
- %ProgramFiles(x86)%\pingguo55\滹ûêóæµéççø.url
- %APPDATA%\microsoft\windows\start menu\programs\滹ûêóæµéççø\ð¶ôø滹ûêóæµéççø.lnk
- %HOMEPATH%\desktop\滹ûêóæµéççø.lnk
- %ProgramFiles(x86)%\pingguo55\data\spread.dat
- C:\documents and settings\default user\local settings\temp\temppc.bak
- D:\msocache\ms0.dat
- %WINDIR%\gsyspd.log
- D:\ghos\giex
- D:\$recycle.bin\$hf_mig$\update.dat
- %WINDIR%\msgpi.log
- %ProgramFiles(x86)%\pingguo55\ggplayerdownload.ini
- %ProgramFiles(x86)%\pingguo55\serviceclient.dll
- %ProgramFiles(x86)%\pingguo55\data\html\img\bt_hover.jpg
- %ProgramFiles(x86)%\pingguo55\data\html\img\bt_active.jpg
- %ProgramFiles(x86)%\pingguo55\imageformats\qico4.dll
- %ProgramFiles(x86)%\pingguo55\data\html\img\cc.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\close.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\enter.jpg
- %ProgramFiles(x86)%\pingguo55\data\html\img\freeze.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\liebiao_di.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\liebiao_di_on.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\lock.jpg
- %ProgramFiles(x86)%\pingguo55\data\html\img\lock_cl.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\lock_cl.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\lock_op.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\lock_op.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\no_pic.jpg
- %ProgramFiles(x86)%\pingguo55\data\html\img\right.gif
- %ProgramFiles(x86)%\pingguo55\data\html\img\signloading_main.jpg
- %ProgramFiles(x86)%\pingguo55\data\html\img\signloading_top.jpg
- %ProgramFiles(x86)%\pingguo55\data\html\img\unlock.png
- %ProgramFiles(x86)%\pingguo55\data\html\img\wrong.gif
- %ProgramFiles(x86)%\pingguo55\data\html\js\evpng.js
- %ProgramFiles(x86)%\pingguo55\imageformats\qgif4.dll
- %ProgramFiles(x86)%\pingguo55\imageformats\qjpeg4.dll
- %ProgramFiles(x86)%\pingguo55\data\html\img\button.png
- %ProgramFiles(x86)%\pingguo55\recommendinfo.dll
- %ProgramFiles(x86)%\pingguo55\skin\default.rcc
- %ProgramFiles(x86)%\pingguo55\skin\c10.gif
- %ProgramFiles(x86)%\pingguo55\skin\c09.gif
- %ProgramFiles(x86)%\pingguo55\virtualizersdk32.dll
- %ProgramFiles(x86)%\pingguo55\volumectrl.dll
- %ProgramFiles(x86)%\pingguo55\gdiplus.dll
- %ProgramFiles(x86)%\pingguo55\pingguo55.exe
- %ProgramFiles(x86)%\pingguo55\chatroom\agshow.dll
- %ProgramFiles(x86)%\pingguo55\chatroom\edenroomclient.dll
- %ProgramFiles(x86)%\pingguo55\chatroom\medialib.dll
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e1314.png
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e1314.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e1314.xml
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e188.png
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e188.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e188.xml
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e521.png
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e521.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e521.xml
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e6666.png
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e6666.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e6666.xml
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e99.png
- %ProgramFiles(x86)%\pingguo55\videodecode2.dll
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e99.swf
- %ProgramFiles(x86)%\pingguo55\videocapture.dll
- %ProgramFiles(x86)%\pingguo55\uitooltip.dll
- %TEMP%\nsn64bc.tmp\killprocdll.dll
- %ProgramFiles(x86)%\pingguo55\audiocapture.dll
- %ProgramFiles(x86)%\pingguo55\audiocodec3.dll
- %ProgramFiles(x86)%\pingguo55\audiodecodec3.dll
- %ProgramFiles(x86)%\pingguo55\crashreport.dll
- %ProgramFiles(x86)%\pingguo55\dnssession.dll
- %ProgramFiles(x86)%\pingguo55\edenlogin.dll
- %ProgramFiles(x86)%\pingguo55\edenroomgui.dll
- %ProgramFiles(x86)%\pingguo55\edenroomui.dll
- %ProgramFiles(x86)%\pingguo55\edentabui.dll
- %ProgramFiles(x86)%\pingguo55\encwmv.dll
- %ProgramFiles(x86)%\pingguo55\equipcenter.dll
- %ProgramFiles(x86)%\pingguo55\ggplayerinstaller.exe
- %ProgramFiles(x86)%\pingguo55\icontooltip.exe
- %ProgramFiles(x86)%\pingguo55\imagescale.dll
- %ProgramFiles(x86)%\pingguo55\install.ini
- %ProgramFiles(x86)%\pingguo55\qtcore4.dll
- %ProgramFiles(x86)%\pingguo55\qtgui4.dll
- %ProgramFiles(x86)%\pingguo55\qtopengl4.dll
- %ProgramFiles(x86)%\pingguo55\rescenter.dll
- %ProgramFiles(x86)%\pingguo55\rtpstack.dll
- %ProgramFiles(x86)%\pingguo55\update.exe
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e99.xml
- %ProgramFiles(x86)%\pingguo55\videoencode2.dll
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e999.png
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic3.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic5.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic6.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic7.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic8.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic9.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\room.png
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\v2.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\v3.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\xx.gif
- %ProgramFiles(x86)%\pingguo55\skin\bugle.gif
- %ProgramFiles(x86)%\pingguo55\skin\c00.gif
- %ProgramFiles(x86)%\pingguo55\skin\c01.gif
- %ProgramFiles(x86)%\pingguo55\skin\c02.gif
- %ProgramFiles(x86)%\pingguo55\skin\c03.gif
- %ProgramFiles(x86)%\pingguo55\skin\c04.gif
- %ProgramFiles(x86)%\pingguo55\skin\c05.gif
- %ProgramFiles(x86)%\pingguo55\skin\c06.gif
- %ProgramFiles(x86)%\pingguo55\skin\c07.gif
- %ProgramFiles(x86)%\pingguo55\skin\c08.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic2.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic17.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic4.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic18.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic16.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e999.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e9999.png
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e9999.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e9999.xml
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\flashshow.exe
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\flash.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\sound\3266.wav
- %ProgramFiles(x86)%\pingguo55\chatroom\data\hiteggs.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\data\identify.html
- %ProgramFiles(x86)%\pingguo55\chatroom\data\luxurycar.swf
- D:\msocache\wcods.dat
- %APPDATA%\microsoft\windows\start menu\programs\滹ûêóæµéççø\滹ûêóæµéççø.lnk
- %ProgramFiles(x86)%\pingguo55\chatroom\data\bigred.swf
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\activity_da.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\music.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic1.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic10.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic11.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic12.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic13.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic14.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\data\images\pic15.gif
- %ProgramFiles(x86)%\pingguo55\chatroom\flash\e999.xml
- %ProgramFiles(x86)%\pingguo55\chatroom\data\css\style.css
- %ALLUSERSPROFILE%\guagua\service\service.dat
- %TEMP%\nsn64bc.tmp\killprocdll.dll
- %TEMP%\nsn64bc.tmp\system.dll
- 'hu####.guagua.cn':80
- '36.#50.9.33':2113
- 'cj.##agua.cn':80
- '36.#50.9.32':2113
- http://cj.##agua.cn/cjtype/hubble/install?pr#####################################################################################################################################################...
- http://www.gu##ua.cn/502.html
- http://cj.##agua.cn/cjtype/hubble/winstart?pu####################################################################################################################################################...
- http://cj.##agua.cn/cjtype/hubble/showproduct?pr##################################
- http://hu####.guagua.cn/api/globalConf.api
- DNS ASK up####.pingguo55.com
- DNS ASK hu####.guagua.cn
- DNS ASK un####.pingguo55.com
- DNS ASK op.##guagua.com
- DNS ASK cj.##agua.cn
- DNS ASK gu##ua.cn
- '12#.#01.105.139':5100
- '36.##0.9.187':5432
- '22#.#94.216.227':9876
- '36.##0.9.187':9876
- '12#.#5.141.72':9876
- '22#.#94.216.226':9876
- '12#.#5.141.72':5432
- '11#.#31.176.160':5100
- '22#.#94.216.227':5432
- '%ProgramFiles(x86)%\pingguo55\serviceclient.exe' -i
- '%ProgramFiles(x86)%\pingguo55\pingguo55.exe'
- '%ProgramFiles(x86)%\pingguo55\update.exe' 5.520 1
- '%ProgramFiles(x86)%\pingguo55\serviceclient.exe'
- '%ProgramFiles(x86)%\pingguo55\update.exe' 5.520
- '%ProgramFiles(x86)%\pingguo55\resideclient.exe'
- '%WINDIR%\syswow64\net.exe' start GuaGua-Service
- '%WINDIR%\syswow64\net1.exe' start GuaGua-Service
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "%ProgramFiles(x86)%\pingguo55\pi...