Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FastInvoice' = '%ProgramFiles%\ŵŵ\¼«ËÙ¿ªÆ±\FastInvoice.exe -AutoRun'
- [<HKLM>\System\CurrentControlSet\Services\OpenFastAssist] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\OpenFastAssist] 'ImagePath' = '%ProgramFiles%\ŵŵ\¼«ËÙ¿ªÆ±\OpenFastAssist.exe'
- %TEMP%\rarsfx0\jskp.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\msgbox_error.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\menu_check.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\login_btn.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\img_qrmain.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\img_main.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\dlg_close.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\del.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\checkbox2_uncheck.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\checkbox2_check.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\bk_login.jpg
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\arrow_normal_sel.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\arrow_normal_normal.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\arrow_normal.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\arrow_expand_sel.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\arrow_expand_normal.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\arrow_down.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\logo.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\ë°îñ·¢æ±öúêö2.0(pc°æ).exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\msvcr90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\msvcp90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\msvcm90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\mfcm90u.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\mfc90u.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\uibasex.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\microsoft.vc90.mfc.manifest
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\microsoft.vc90.atl.manifest
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\microsoft.vc90.crt.manifest
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\msgbox_info.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\msgbox_question.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\cfg\znbm_network.ini
- %WINDIR%\temp\templog\request_20190807.log
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\savefile.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\log\nnprotect_20190807.log
- %TEMP%\nsw2.tmp\ns3.tmp
- %TEMP%\nsw2.tmp\nsexec.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\uninst.exe
- %HOMEPATH%\start menu\programs\åµåµ\¼«ëù¿ªæ±\ð¶ôø.lnk
- %HOMEPATH%\desktop\¼«ëù¿ªæ±.lnk
- %HOMEPATH%\start menu\programs\åµåµ\¼«ëù¿ªæ±\¼«ëù¿ªæ±.lnk
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\lib\addedrealtax.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\lib\readareacode.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\lib\diskinfon.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\qympeditguide.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\protect\pprotect64.sys
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\protect\pprotect32.sys
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\template\zhipiao_info.xml
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\winbtn_normal.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\winbtn_move.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\winbtn_down.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\warn.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\track_btn.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\skin_scrollbar.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\sendbtn_arrow.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\radio_button.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ë°îñ·¢æ±öúêö2.0(pc°æ)\res\image\msgbox_warn.png
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\adb\asn.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\adb\adb.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\adb\adbwinusbapi.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\kpinfowrite.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\resdll.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\pubuploaddatatohbase.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\goodscategorycode.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\readinterface.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\readdata.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\atl90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\fastinvoice.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\fastinvoiceassist.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\fastinvoice.ico
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\mfc90u.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\mfcm90u.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\microsoft.vc90.atl.manifest
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\microsoft.vc90.crt.manifest
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\microsoft.vc90.mfc.manifest
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\msvcm90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\msvcp90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\msvcr90.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\sqlite3.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\updateflash.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\update_bak.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\ver.config
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\¼«ëù¿ªæ±.exe
- %TEMP%\nsw2.tmp\killprocdll.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_card.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_qqkp.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\findkpsoft.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_smkp.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\adb\adbwinapi.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_http.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\push\nnpush.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\nnfp_link.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_mainui.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_ui.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\taxbox.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\readjspdll.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\invoicemgr.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\nnprotect.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\connectcore.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\jskp_xml.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\kpsoft.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\lib\makehashcode.dll
- %HOMEPATH%\desktop\极速开票.lnk
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\updatedescripfile.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\updatedescription.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\xxts.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\messagemanage.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\messageadapter.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\autofill.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\uninstalldll.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\libxl.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\openfastassist.exe
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\netmodule.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\nuonuocryp.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\utility.dll
- %ProgramFiles%\åµåµ\¼«ëù¿ªæ±\qympnewguide.exe
- %TEMP%\xlitechost.exe
- %TEMP%\nsw2.tmp\ns3.tmp
- %TEMP%\nsw2.tmp\killprocdll.dll
- %TEMP%\nsw2.tmp\nsexec.dll
- %TEMP%\rarsfx0\jskp.exe
- http://up####.jss.com.cn/interfaceCtr/version.do?ve#################################
- http://xz.#xnfw.cn/ScanFileCrash_s.exe
- DNS ASK up####.jss.com.cn
- DNS ASK xz.#xnfw.cn
- ClassName: 'EDIT' WindowName: ''
- '%TEMP%\rarsfx0\jskp.exe' /S /D
- '%TEMP%\nsw2.tmp\ns3.tmp' "%ProgramFiles%\ŵŵ\¼«ËÙ¿ªÆ±\OpenFastAssist.exe" "-install"
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\openfastassist.exe' "-install"
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\openfastassist.exe'
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\updatedescription.exe' -UpdateDescrip
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\¼«ëù¿ªæ±.exe' SW_SHOWNORMAL
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\nnprotect.exe' -Protect
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\fastinvoice.exe' -UpdateIgnore
- '%TEMP%\nsw2.tmp\ns3.tmp' "%ProgramFiles%\ŵŵ\¼«ËÙ¿ªÆ±\OpenFastAssist.exe" "-install"' (with hidden window)
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\nnprotect.exe' -Protect' (with hidden window)
- '%ProgramFiles%\åµåµ\¼«ëù¿ªæ±\fastinvoice.exe' -UpdateIgnore' (with hidden window)