Technical Information
- <SYSTEM32>\tasks\软媒魔方
- [<HKLM>\System\CurrentControlSet\Services\pcmastercoredrv] 'Start' = '00000001'
- [<HKLM>\System\CurrentControlSet\Services\pcmastercoredrv] 'ImagePath' = '<DRIVERS>\pcmastercoredrv.sys'
- 'pcmastercoredrv' <DRIVERS>\pcmastercoredrv.sys
- %TEMP%\9877.tmp
- <DRIVERS>\pcmastercoredrv.sys
- %WINDIR%\temp\udd9dd4.tmp
- http://www.qq.com/
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK qq.com
- DNS ASK microsoft.com
- ClassName: 'pcmaster_sysradar_flowwindow' WindowName: ''
- ClassName: '_Pcmaster_LunarCalendar' WindowName: ''
- ClassName: '_PCMaster_MyDesk' WindowName: ''
- ClassName: '_Tweakcube3' WindowName: ''
- ClassName: '_PCMasterTray' WindowName: ''
- ClassName: '_PCMaster' WindowName: ''