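Technical Information

The list below appears to have lost its section labels. Going by the form of the entries, it runs in order through quoted command lines (some marked as downloaded from the Internet), bare file paths, host:port pairs, request URLs, DNS queries and one window class lookup; what was done to the bare file paths is not stated. The '#' characters in host names mask part of each name, so these entries cannot be matched verbatim against logs.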
- '%PROGRAM_FILES%\IQIYIsetup_l_spl004@kb010.exe'
- '%PROGRAM_FILES%\ins1256858.exe'
- '%PROGRAM_FILES%\tqrl_169_88888.exe'
- '%PROGRAM_FILES%\BF-BFVCenter[[AB027]].exe'
- '%PROGRAM_FILES%\9377mycs_Y_mgaz2_1201B.exe'
- '%PROGRAM_FILES%\2345Explorer_329242_silence.exe'
- '%PROGRAM_FILES%\yqtj019.exe'
- '%PROGRAM_FILES%\QQGame_setup_xzq_20006.exe' /S
- '%PROGRAM_FILES%\-2000_1_mp.exe'
- '%PROGRAM_FILES%\guodou_137_777.exe'
- '%PROGRAM_FILES%\setup_zjm0104.exe'
- '%PROGRAM_FILES%\OfficeAssist.0405.80.1119.exe'
- '%PROGRAM_FILES%\SoHuVA_4.3.0.1-c204900003-ng-nti-s-x.exe'
- '%PROGRAM_FILES%\yx_dts.exe'
- '%PROGRAM_FILES%\FunshionInstall_C70699.exe'
- '%PROGRAM_FILES%\MM-liao8302.exe'
- '%PROGRAM_FILES%\setup_95165069.exe'
- '%PROGRAM_FILES%\guodou_137_777.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\QQGame_setup_xzq_20006.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\yx_dts.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\MM-liao8302.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\yqtj019.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\setup_zjm0104.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\-2000_1_mp.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\9377mycs_Y_mgaz2_1201B.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\tqrl_169_88888.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\SoHuVA_4.3.0.1-c204900003-ng-nti-s-x.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\setup_95165069.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\BF-BFVCenter[[AB027]].exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\FunshionInstall_C70699.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\2345Explorer_329242_silence.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\ins1256858.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\OfficeAssist.0405.80.1119.exe' (downloaded from the Internet)
- '%PROGRAM_FILES%\IQIYIsetup_l_spl004@kb010.exe' (downloaded from the Internet)
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %PROGRAM_FILES%\IQIYIsetup_l_spl004@kb010.exe
- %PROGRAM_FILES%\ins1256858.exe
- %PROGRAM_FILES%\tqrl_169_88888.exe
- %PROGRAM_FILES%\BF-BFVCenter[[AB027]].exe
- %PROGRAM_FILES%\9377mycs_Y_mgaz2_1201B.exe
- %PROGRAM_FILES%\2345Explorer_329242_silence.exe
- %PROGRAM_FILES%\yqtj019.exe
- %PROGRAM_FILES%\QQGame_setup_xzq_20006.exe
- %PROGRAM_FILES%\-2000_1_mp.exe
- %PROGRAM_FILES%\guodou_137_777.exe
- %PROGRAM_FILES%\setup_zjm0104.exe
- %PROGRAM_FILES%\setup_95165069.exe
- %PROGRAM_FILES%\1.rar
- %PROGRAM_FILES%\MM-liao8302.exe
- %TEMP%\nsm2.tmp\Inetc.dll
- %TEMP%\nsm2.tmp\System.dll
- %PROGRAM_FILES%\2.ico
- %PROGRAM_FILES%\yx_dts.exe
- %PROGRAM_FILES%\OfficeAssist.0405.80.1119.exe
- %PROGRAM_FILES%\SoHuVA_4.3.0.1-c204900003-ng-nti-s-x.exe
- %PROGRAM_FILES%\OK
- %PROGRAM_FILES%\FunshionInstall_C70699.exe
- %TEMP%\nsm2.tmp\Base64.dll
- %TEMP%\nsm2.tmp\System.dll
- %TEMP%\nsm2.tmp\Inetc.dll
- %TEMP%\nsm2.tmp\Base64.dll
- 'do####ad.2345.cn':80
- 'g.##ipo.com':80
- 'g.###en320.com':80
- 'do##.#ianyunxj.com':80
- 'dl.###tic.iqiyi.com':80
- 'vi##.666.my':99
- 'dl###3.qq.com':80
- 'www.yq##.org':80
- 'do##.#476ddd.com':80
- 'me####.souxuncn.com':80
- 'xi###i.9377.com':80
- 'd.###6699.com':80
- 'ne#####.funshion.com':80
- 'mm####.jianting.net':80
- 'in#.###ol.sina.com.cn':80
- 'up#####o.b0.upaiyun.com':443
- 'dl.#x5.com':80
- 'dl.##ofeng.com':80
- 'so######ne.b0.upaiyun.com':80
- 'www.ba###hijz.com':80
- 'wd##.#ache.wps.cn':80
- g.###en320.com/d/ins1256858.exe
- do####ad.2345.cn/silence/2345Explorer_329242_silence.exe
- do##.#ianyunxj.com/tqrl_169_88888.exe
- dl.###tic.iqiyi.com/hz/IQIYIsetup_l_spl004@kb010.exe
- g.##ipo.com/guodou_137_888.exe
- www.yq##.org/baidu/yqtj019.exe
- dl###3.qq.com/minigamefile/QQGame_setup_xzq_20006.exe
- do##.#476ddd.com/hezi/jm/setup_zjm0104.exe
- me####.souxuncn.com/meipin/affairs/-2000_1_mp.exe
- xi###i.9377.com/20150105/9377mycs_Y_mgaz2_1201B.exe
- d.###6699.com/yx/dts/sqft/905848/yx_dts.exe
- ne#####.funshion.com/software/files/silent5/FunshionInstall_C70699.exe
- in#.###ol.sina.com.cn/iplookup/iplookup.php
- mm####.jianting.net/mmliao/MM-liao8302.exe
- www.ba###hijz.com/YjY2MmVmNDkuZXhl/40.html
- dl.#x5.com/apk/20141222/setup_95165069.exe
- dl.##ofeng.com/BFVCenter/BF-BFVCenter[[AB027]].exe
- wd##.#ache.wps.cn/wps/download/OfficeAssist.0405.80.1119.exe
- so######ne.b0.upaiyun.com/SoHuVA_4.3.0.1-c204900003-ng-nti-s-x.rar
- DNS ASK do####ad.2345.cn
- DNS ASK g.##ipo.com
- DNS ASK g.###en320.com
- DNS ASK do##.#ianyunxj.com
- DNS ASK dl.###tic.iqiyi.com
- DNS ASK vi##.666.my
- DNS ASK dl###3.qq.com
- DNS ASK www.yq##.org
- DNS ASK do##.#476ddd.com
- DNS ASK me####.souxuncn.com
- DNS ASK xi###i.9377.com
- DNS ASK d.###6699.com
- DNS ASK ne#####.funshion.com
- DNS ASK mm####.jianting.net
- DNS ASK in#.###ol.sina.com.cn
- DNS ASK up#####o.b0.upaiyun.com
- DNS ASK dl.#x5.com
- DNS ASK dl.##ofeng.com
- DNS ASK so######ne.b0.upaiyun.com
- DNS ASK www.ba###hijz.com
- DNS ASK wd##.#ache.wps.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''