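Technical Information
The entries below are the artifacts recorded for this sample, in order: persistence (the winapp01 scheduled task and the auto-start WindowsG01 service), launched processes with their command lines, file paths, network contacts, and two window class entries. The section headings of the original report are not preserved here, so a path that appears twice (for example %TEMP%\nsh4.tmp\nsRandom.dll) presumably belongs to two different sections. Most of the listed files carry the names of the BOINC client and its World Community Grid skin, which also occur in legitimate installations; the distinguishing indicators are the %PROGRAM_FILES%\hyl directory, the winapp01 task, the WindowsG01 service and the st##.eliang.com contacts.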
- %WINDIR%\Tasks\winapp01.job
- [<HKLM>\SYSTEM\ControlSet001\Services\WindowsG01] 'Start' = '00000002'
- '%PROGRAM_FILES%\hyl\fw.exe'
- '%PROGRAM_FILES%\hyl\boinc.exe'
- '%PROGRAM_FILES%\hyl\boinc.exe' --detect_gpus --dir "%ALLUSERSPROFILE%\Application Data\boinc"
- '%PROGRAM_FILES%\tj.exe'
- '%PROGRAM_FILES%\cg.exe'
- '%PROGRAM_FILES%\hyl\dc.exe'
- '<SYSTEM32>\wscript.exe' "%PROGRAM_FILES%\hyl\play.vbs"
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\schtasks.exe' /create /tn "winapp01" /tr "\"%PROGRAM_FILES%\hyl\boincmgr.exe"" /sc onstart /ru System
- '<SYSTEM32>\sc.exe' create WindowsG01 type= interact type= own start= auto binpath= "%PROGRAM_FILES%\hyl\WindowsG.exe"
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnHelpClicked.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnMessages.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnMessagesRed.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCopyAllClicked.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCopyClicked.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnHelp.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnSaveClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnSnooze.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\conn_ind.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnPreferences.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnResume.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnSave.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCancelClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnChange.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnChangeClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnAddProjectClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnAdvancedView.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCancel.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCloseClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCopy.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnCopyAll.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnClear.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnClearClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnClose.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\default_stat_icon.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wcg_stop.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wcg_wizard_bar.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wu_bg.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wcg_black_background.gif
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wcg_pause.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wcg_play.png
- %TEMP%\nsh4.tmp\nsRandom.dll
- %ALLUSERSPROFILE%\Application Data\BOINC\coproc_info.xml
- %ALLUSERSPROFILE%\Application Data\BOINC\stdoutgpudetect.txt
- %ALLUSERSPROFILE%\Application Data\BOINC\account_www.worldcommunitygrid.org.xml
- %ALLUSERSPROFILE%\Application Data\BOINC\projects\www.worldcommunitygrid.org\wcgrid_cep2_6.40_windows_intelx86
- %ALLUSERSPROFILE%\Application Data\BOINC\projects\www.worldcommunitygrid.org\wcgrid_cep2_qchem_6.40_windows_intelx86
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\gauge_progress_indicator.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\ico_workWU.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\proj_bg.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\dlgBackground.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\error_image.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\gauge_bg.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\state_ind_bg.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\tabArea_bg.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\wcg_about.ico
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\project_image.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\simplegui_bg.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\spacer.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\btnAddProject.png
- %PROGRAM_FILES%\hyl\boinctray.exe
- %PROGRAM_FILES%\hyl\ca-bundle.crt
- %PROGRAM_FILES%\hyl\dbghelp95.dll
- %PROGRAM_FILES%\hyl\boinccmd.exe
- %PROGRAM_FILES%\hyl\boincmgr.exe
- %PROGRAM_FILES%\hyl\boincsvcctrl.exe
- %PROGRAM_FILES%\hyl\libeay32.dll
- %PROGRAM_FILES%\hyl\msvcm80.dll
- %PROGRAM_FILES%\hyl\msvcp80.dll
- %PROGRAM_FILES%\hyl\dc.exe
- %PROGRAM_FILES%\hyl\fw.exe
- %PROGRAM_FILES%\hyl\libcurl.dll
- %TEMP%\nse3.tmp
- %PROGRAM_FILES%\hyl\BOINCGUIApp.ico
- %PROGRAM_FILES%\hyl\COPYING
- %PROGRAM_FILES%\tj.exe
- %PROGRAM_FILES%\cg.exe
- %PROGRAM_FILES%\My application\0.txt
- %PROGRAM_FILES%\hyl\WindowsG.exe
- %PROGRAM_FILES%\hyl\boinc.exe
- %PROGRAM_FILES%\hyl\boinc_logo_black.jpg
- %PROGRAM_FILES%\hyl\COPYRIGHT
- %PROGRAM_FILES%\hyl\LiberationSans-Regular.ttf
- %PROGRAM_FILES%\hyl\Microsoft.VC80.CRT.manifest
- %PROGRAM_FILES%\hyl\msvcr80.dll
- %PROGRAM_FILES%\hyl\skins\Default\workunit_running_image.png
- %PROGRAM_FILES%\hyl\skins\Default\workunit_suspended_image.png
- %PROGRAM_FILES%\hyl\skins\Default\workunit_waiting_image.png
- %PROGRAM_FILES%\hyl\skins\Default\Thumbs.db
- %PROGRAM_FILES%\hyl\skins\Default\background_image.png
- %PROGRAM_FILES%\hyl\skins\Default\skin.xml
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\arwLeftClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\arwRight.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\arwRightClick.png
- %PROGRAM_FILES%\hyl\skins\World Community Grid\skin.xml
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\Thumbs.db
- %PROGRAM_FILES%\hyl\skins\World Community Grid\graphic\arwLeft.png
- %PROGRAM_FILES%\hyl\ssleay32.dll
- %PROGRAM_FILES%\hyl\stderrgfx.txt
- %PROGRAM_FILES%\hyl\symsrv.dll
- %PROGRAM_FILES%\hyl\play.vbs
- %PROGRAM_FILES%\hyl\sqlite3.dll
- %PROGRAM_FILES%\hyl\srcsrv.dll
- %PROGRAM_FILES%\hyl\locale\es\BOINC-Manager.mo
- %PROGRAM_FILES%\hyl\locale\zh_CN\BOINC-Client.mo
- %PROGRAM_FILES%\hyl\locale\zh_CN\BOINC-Manager.mo
- %PROGRAM_FILES%\hyl\symsrv.yes
- %PROGRAM_FILES%\hyl\zlib1.dll
- %PROGRAM_FILES%\hyl\locale\es\BOINC-Client.mo
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\nsh4.tmp\nsRandom.dll
- 'st##.eliang.com':80
- st##.eliang.com/cstat.php
- DNS ASK st##.eliang.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''