Technical Information
- '%TEMP%\nsk2.tmp\SoHuVA_4.2.0.0-c204900009-ng-s-run-x.exe'
- '%TEMP%\nsk2.tmp\kuping_s_51022.exe'
- '%TEMP%\nsk2.tmp\pipi_dae_274.exe'
- '%TEMP%\nsk2.tmp\setup_t10110.exe'
- '%TEMP%\nsk2.tmp\shenmatv_dae_300.exe'
- '%TEMP%\nsk2.tmp\setup_3155.exe'
- '%TEMP%\nsk2.tmp\92046_al.exe'
- '%TEMP%\nsk2.tmp\setup_open_4127.exe'
- '%TEMP%\nsk2.tmp\pczh_155.exe'
- '%TEMP%\nsk2.tmp\setups30112.exe'
- '%TEMP%\nsk2.tmp\setup_qd206.exe'
- '%TEMP%\nsk2.tmp\mx_4zengjie.exe'
- '%TEMP%\nsk2.tmp\vmmc_70208.exe'
- '%TEMP%\nsk2.tmp\setup1146568.exe'
- '%TEMP%\nsk2.tmp\vxdpwbw_30071.exe'
- '%TEMP%\nsk2.tmp\dianxin_silent[108].exe'
- '%TEMP%\nsk2.tmp\setup_t10110.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\mx_4zengjie.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\shenmatv_dae_300.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\dianxin_silent[108].exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\setup_3155.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\92046_al.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\vmmc_70208.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\setup1146568.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\setup_qd206.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\vxdpwbw_30071.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\setups30112.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\setup_open_4127.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\pczh_155.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\kuping_s_51022.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\pipi_dae_274.exe' (downloaded from the Internet)
- '%TEMP%\nsk2.tmp\SoHuVA_4.2.0.0-c204900009-ng-s-run-x.exe' (downloaded from the Internet)
- %TEMP%\nsk2.tmp\pczh_155.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\zhihui[1].gif
- %TEMP%\nsk2.tmp\92046_al.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\ailiao[1].gif
- %TEMP%\nsk2.tmp\setup_open_4127.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kuping[1].gif
- %TEMP%\nsk2.tmp\SoHuVA_4.2.0.0-c204900009-ng-s-run-x.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wuji[1].gif
- %TEMP%\nsk2.tmp\kuping_s_51022.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\yinyue[1].gif
- %TEMP%\nsk2.tmp\dianxin_silent[108].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\dianxin[1].gif
- %TEMP%\nsk2.tmp\mx_4zengjie.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mx_4zengjie[1].txt
- %TEMP%\nsk2.tmp\setup_t10110.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\shenma[1].gif
- %TEMP%\nsk2.tmp\setup_3155.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\xiaoxin[1].gif
- %TEMP%\nsk2.tmp\shenmatv_dae_300.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\SoHuVA_4.0.0.73-c204900009-ng-s-run-x[1].txt
- %PROGRAM_FILES%\kuplayplay\black.htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kk[1].htm
- %TEMP%\nsk2.tmp\vxdpwbw_30071.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\baidushadu[1].gif
- %TEMP%\nsk2.tmp\inetc.dll
- %HOMEPATH%\Start Menu\Programs\kuplayplay\Uninstall.lnk
- %TEMP%\nsk2.tmp\FindProcDLL.dll
- %TEMP%\nsk2.tmp\System.dll
- %PROGRAM_FILES%\kuplayplay\uninst.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\gongju[1].gif
- %TEMP%\nsk2.tmp\setup1146568.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ruixing[1].gif
- %TEMP%\nsk2.tmp\pipi_dae_274.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\pipi_dae_274[1].txt
- %TEMP%\nsk2.tmp\vmmc_70208.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\setup_qd206[1].txt
- %TEMP%\nsk2.tmp\setups30112.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\baiduweishi[1].gif
- %TEMP%\nsk2.tmp\setup_qd206.exe
- %TEMP%\nsk2.tmp\setup_qd206.exe
- %TEMP%\nsk2.tmp\setup_t10110.exe
- %TEMP%\nsk2.tmp\setup_3155.exe
- %TEMP%\nsk2.tmp\setup_open_4127.exe
- %TEMP%\nsk2.tmp\shenmatv_dae_300.exe
- %TEMP%\nsk2.tmp\vmmc_70208.exe
- %TEMP%\nsk2.tmp\vxdpwbw_30071.exe
- %TEMP%\nsk2.tmp\SoHuVA_4.2.0.0-c204900009-ng-s-run-x.exe
- %TEMP%\nsk2.tmp\System.dll
- %TEMP%\nsk2.tmp\setups30112.exe
- %TEMP%\nsk2.tmp\FindProcDLL.dll
- %TEMP%\nsk2.tmp\inetc.dll
- %TEMP%\nsk2.tmp\92046_al.exe
- %TEMP%\nsk2.tmp\dianxin_silent[108].exe
- %TEMP%\nsk2.tmp\kuping_s_51022.exe
- %TEMP%\nsk2.tmp\pipi_dae_274.exe
- %TEMP%\nsk2.tmp\setup1146568.exe
- %TEMP%\nsk2.tmp\mx_4zengjie.exe
- %TEMP%\nsk2.tmp\pczh_155.exe
- 'dl.#ipi.cn':80
- 'd.##dtw.com':80
- 'mk.##xthon.cn':80
- 'yu##.yyjdpm.net':80
- 'do####ad.yyjdpm.net':80
- 'do##.guangsu.cn':80
- do####ad.yyjdpm.net/ailiao.gif
- do####ad.yyjdpm.net/yinyue.gif
- do####ad.yyjdpm.net/wuji.gif
- do####ad.yyjdpm.net/zhihui.gif
- do####ad.yyjdpm.net/dianxin.gif
- mk.##xthon.cn/max4/zxr/mx_4zengjie.txt
- do####ad.yyjdpm.net/shenma.gif
- do####ad.yyjdpm.net/xiaoxin.gif
- do##.guangsu.cn/qdn/setup_qd206.txt
- do####ad.yyjdpm.net/baiduweishi.gif
- do####ad.yyjdpm.net/baidushadu.gif
- do####ad.yyjdpm.net/gongju.gif
- d.##dtw.com/exe/SoHuVA_4.0.0.73-c204900009-ng-s-run-x.txt
- do####ad.yyjdpm.net/kuping.gif
- do####ad.yyjdpm.net/ruixing.gif
- dl.#ipi.cn/pipi_dae_274.txt
- yu##.yyjdpm.net/kk.php
- DNS ASK dl.#ipi.cn
- DNS ASK d.##dtw.com
- DNS ASK mk.##xthon.cn
- DNS ASK yu##.yyjdpm.net
- DNS ASK do####ad.yyjdpm.net
- DNS ASK do##.guangsu.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'