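Technical Information
The headings that separated the lists below are missing from this copy. Judging by form alone, the entries are, in order: registry values (including two Windows Firewall AuthorizedApplications entries for goodPic.exe and goodPicAp.exe with scope `*` and state `Enabled`), quoted command lines, file-system paths, `from … to …` file renames, host:port endpoints, one URL, DNS queries, and window class/title pairs. Paths that occur more than once presumably came from separate lists (for example created versus deleted files); this copy does not show which. `%PROGRAM_FILES%`, `%TEMP%` and similar tokens are path placeholders. The `#` characters in the host names and the IP address appear to be masking rather than literal characters, so those values cannot be matched as written. The non-ASCII text in the firewall entry names and in the `Uninstall` shortcut name looks mis-encoded and is kept as recorded.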
- [<HKLM>\SOFTWARE\Classes\goodPic\shell\open\command] '' = '"%PROGRAM_FILES%\goodPic\goodPicAp.exe" "%1"'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%PROGRAM_FILES%\goodPic\goodPic.exe' = '%PROGRAM_FILES%\goodPic\goodPic.exe:*:Enabled:Е®Йс»Іб Player'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%PROGRAM_FILES%\goodPic\goodPicAp.exe' = '%PROGRAM_FILES%\goodPic\goodPicAp.exe:*:Enabled:Е®Йс»Іб App'
- '%TEMP%\is-2QLI8.tmp\goodPic_setup_612.tmp' /SL5="$100EC,2481881,117760,%PROGRAM_FILES%\999999\goodPic_setup_612.exe" /verysilent
- '%PROGRAM_FILES%\goodPic\goodPicAp.exe' /setup_s
- '%PROGRAM_FILES%\999999\goodPic_setup_612.exe' /verysilent
- '%PROGRAM_FILES%\999999\goodpic_dae_612.exe'
- '%PROGRAM_FILES%\999999\goder.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\goodPic\goodPic Player.lnk
- %PROGRAM_FILES%\goodPic\plugins\is-FVMN7.tmp
- %PROGRAM_FILES%\goodPic\plugins\is-OJGTJ.tmp
- %PROGRAM_FILES%\goodPic\config\config.ini
- %PROGRAM_FILES%\goodPic\unins000.dat
- %ALLUSERSPROFILE%\Start Menu\Programs\goodPic\Uninstall їН»§¶Л.lnk
- %PROGRAM_FILES%\goodPic\config\is-GFEVN.tmp
- %PROGRAM_FILES%\goodPic\is-RR0O2.tmp
- %PROGRAM_FILES%\goodPic\is-55BOM.tmp
- %PROGRAM_FILES%\goodPic\is-2CBSE.tmp
- %PROGRAM_FILES%\goodPic\is-4F01J.tmp
- %PROGRAM_FILES%\goodPic\is-BLOHK.tmp
- %PROGRAM_FILES%\goodPic\is-4STG9.tmp
- %PROGRAM_FILES%\goodPic\config\hlib_pcrc.db-journal
- %PROGRAM_FILES%\goodPic\config\hlib_block.db
- %PROGRAM_FILES%\goodPic\config\hlib_block.db-journal
- %PROGRAM_FILES%\goodPic\config\CfgTmp.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cfgPicture[1].zip
- %PROGRAM_FILES%\goodPic\config\hlib_pcrc.db
- %PROGRAM_FILES%\goodPic\config\hlib_index.db
- %PROGRAM_FILES%\goodPic\config\profile.cfg
- %PROGRAM_FILES%\goodPic\config\partner.ini
- %HOMEPATH%\Desktop\goodPic Player.lnk
- %PROGRAM_FILES%\goodPic\config\hlib_index.db-journal
- %PROGRAM_FILES%\goodPic\top_box.bmp
- %PROGRAM_FILES%\goodPic\meinvGo.url
- %TEMP%\is-0VCQ3.tmp\jpg2bmp.dll
- %TEMP%\is-0VCQ3.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-0VCQ3.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-0VCQ3.tmp\left_box.bmp
- %TEMP%\is-0VCQ3.tmp\setup.jpg
- %TEMP%\is-0VCQ3.tmp\MgRecommend.dll
- %TEMP%\is-2QLI8.tmp\goodPic_setup_612.tmp
- %TEMP%\nsb3.tmp\NSISdl.dll
- %TEMP%\nsb3.tmp\System.dll
- %TEMP%\nsg2.tmp
- %PROGRAM_FILES%\999999\goodPic_setup_612.exe
- %PROGRAM_FILES%\999999\goodpic_dae_612.exe
- %PROGRAM_FILES%\999999\goder.exe
- %PROGRAM_FILES%\goodPic\is-AIA7T.tmp
- %PROGRAM_FILES%\goodPic\is-8ACP5.tmp
- %PROGRAM_FILES%\goodPic\is-UL3J1.tmp
- %PROGRAM_FILES%\goodPic\is-OTT32.tmp
- %PROGRAM_FILES%\goodPic\is-BPJ0E.tmp
- %PROGRAM_FILES%\goodPic\is-J5J2U.tmp
- %PROGRAM_FILES%\goodPic\is-C275L.tmp
- %TEMP%\is-0VCQ3.tmp\top_box.bmp
- %TEMP%\is-0VCQ3.tmp\setup.bmp
- %TEMP%\is-0VCQ3.tmp\top_box.jpg
- %PROGRAM_FILES%\goodPic\is-2C288.tmp
- %PROGRAM_FILES%\goodPic\is-RMK9Q.tmp
- %PROGRAM_FILES%\goodPic\is-S3IE6.tmp
- %PROGRAM_FILES%\999999\goder.exe
- %TEMP%\nsb3.tmp\NSISdl.dll
- %TEMP%\is-2QLI8.tmp\goodPic_setup_612.tmp
- %PROGRAM_FILES%\999999\goodPic_setup_612.exe
- %TEMP%\nsb3.tmp\System.dll
- %PROGRAM_FILES%\goodPic\config\hlib_block.db-journal
- %PROGRAM_FILES%\goodPic\config\hlib_pcrc.db-journal
- %PROGRAM_FILES%\goodPic\config\profile.cfg
- %PROGRAM_FILES%\goodPic\config\hlib_index.db-journal
- %TEMP%\is-0VCQ3.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-0VCQ3.tmp\left_box.bmp
- %TEMP%\is-0VCQ3.tmp\MgRecommend.dll
- %PROGRAM_FILES%\goodPic\goodPic.exe
- %TEMP%\is-0VCQ3.tmp\jpg2bmp.dll
- %TEMP%\is-0VCQ3.tmp\setup.bmp
- %TEMP%\is-0VCQ3.tmp\top_box.jpg
- %TEMP%\is-0VCQ3.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-0VCQ3.tmp\setup.jpg
- %TEMP%\is-0VCQ3.tmp\top_box.bmp
- from %PROGRAM_FILES%\goodPic\is-4STG9.tmp to %PROGRAM_FILES%\goodPic\msvcr71.dll
- from %PROGRAM_FILES%\goodPic\is-BLOHK.tmp to %PROGRAM_FILES%\goodPic\ppxa.dll
- from %PROGRAM_FILES%\goodPic\is-RR0O2.tmp to %PROGRAM_FILES%\goodPic\msvcr110.dll
- from %PROGRAM_FILES%\goodPic\is-2CBSE.tmp to %PROGRAM_FILES%\goodPic\msvcp110.dll
- from %PROGRAM_FILES%\goodPic\is-55BOM.tmp to %PROGRAM_FILES%\goodPic\msvcp71.dll
- from %PROGRAM_FILES%\goodPic\plugins\is-FVMN7.tmp to %PROGRAM_FILES%\goodPic\plugins\TransmitLayer.dll
- from %PROGRAM_FILES%\goodPic\config\profile.cfg.new to %PROGRAM_FILES%\goodPic\config\profile.cfg
- from %PROGRAM_FILES%\goodPic\plugins\is-OJGTJ.tmp to %PROGRAM_FILES%\goodPic\plugins\mnGLnk.dll
- from %PROGRAM_FILES%\goodPic\is-4F01J.tmp to %PROGRAM_FILES%\goodPic\sqlite3.dll
- from %PROGRAM_FILES%\goodPic\config\is-GFEVN.tmp to %PROGRAM_FILES%\goodPic\config\init.config.ini
- from %PROGRAM_FILES%\goodPic\is-C275L.tmp to %PROGRAM_FILES%\goodPic\goodPicAp.exe
- from %PROGRAM_FILES%\goodPic\is-UL3J1.tmp to %PROGRAM_FILES%\goodPic\jpg2bmp.dll
- from %PROGRAM_FILES%\goodPic\is-2C288.tmp to %PROGRAM_FILES%\goodPic\goodPic.exe
- from %PROGRAM_FILES%\goodPic\is-S3IE6.tmp to %PROGRAM_FILES%\goodPic\unins000.exe
- from %PROGRAM_FILES%\goodPic\is-RMK9Q.tmp to %PROGRAM_FILES%\goodPic\goodPic.exe
- from %PROGRAM_FILES%\goodPic\is-BPJ0E.tmp to %PROGRAM_FILES%\goodPic\MGIconLib.dll
- from %PROGRAM_FILES%\goodPic\is-OTT32.tmp to %PROGRAM_FILES%\goodPic\MgRecommend.dll
- from %PROGRAM_FILES%\goodPic\is-J5J2U.tmp to %PROGRAM_FILES%\goodPic\MFC71.dll
- from %PROGRAM_FILES%\goodPic\is-8ACP5.tmp to %PROGRAM_FILES%\goodPic\meinvGo.ico
- from %PROGRAM_FILES%\goodPic\is-AIA7T.tmp to %PROGRAM_FILES%\goodPic\meinvGo.url
- 're#.#gbox.cn':1863
- 'qu###.mgbox.cn':80
- 'www.mg##x.cn':80
- 're#.#gbox.cn':80
- 'localhost':1037
- '12#.#32.146.41':8080
- 'qu###.mgbox.cn':1865
- 'xu#.###ogin2.tenpay.com':443
- www.mg##x.cn/conf/cfgPicture.zip
- DNS ASK qu###.mgbox.cn
- DNS ASK re#.#gbox.cn
- DNS ASK www.mg##x.cn
- DNS ASK rc.#gbox.cn
- DNS ASK xu#.###ogin2.tenpay.com
- 're#.#gbox.cn':1863
- 'qu###.mgbox.cn':1865
- 'rc.#gbox.cn':1868
- ClassName: 'mbshow_class' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'mbshow_classgoodPic_title'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'