Technical Information
- '%TEMP%\nsf3.tmp\kuping_s_51022.exe'
- '%TEMP%\nsf3.tmp\dianxin_silent[108].exe'
- '%TEMP%\nsf3.tmp\setup1004.exe'
- '%TEMP%\nsf3.tmp\s2222.exe'
- '%TEMP%\nsf3.tmp\shenmatv_dae_300.exe'
- '%TEMP%\nsf3.tmp\setup_3038.exe'
- '%TEMP%\nsf3.tmp\pczh_155.exe'
- '%TEMP%\nsf3.tmp\90018_ailiao.exe'
- '%TEMP%\nsf3.tmp\mx_4zengjie.exe'
- '%TEMP%\nsf3.tmp\setup1146568.exe'
- '%TEMP%\nsf3.tmp\vmmc_70205.exe'
- '%TEMP%\nsf3.tmp\setups30112.exe'
- '%TEMP%\nsf3.tmp\pipi_dae_274.exe'
- '%TEMP%\nsf3.tmp\setup_open_3747.exe'
- '%TEMP%\nsf3.tmp\dianxin_silent[108].exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\s2222.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\setup_open_3747.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\shenmatv_dae_300.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\mx_4zengjie.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\setups30112.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\pipi_dae_274.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\vmmc_70205.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\setup1146568.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\setup1004.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\90018_ailiao.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\setup_3038.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\kuping_s_51022.exe' (downloaded from the Internet)
- '%TEMP%\nsf3.tmp\pczh_155.exe' (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ailiao[1].gif
- %TEMP%\nsf3.tmp\pczh_155.exe
- %TEMP%\nsf3.tmp\90018_ailiao.exe
- %TEMP%\nsf3.tmp\setup_3038.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\yinyuefm[1].gif
- %TEMP%\nsf3.tmp\setup1004.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\miaomiao[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\kuping[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\zhihui[1].gif
- %TEMP%\nsf3.tmp\kuping_s_51022.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wuji[1].gif
- %TEMP%\nsf3.tmp\dianxin_silent[108].exe
- %TEMP%\nsf3.tmp\setup_open_3747.exe
- %TEMP%\nsf3.tmp\mx_4zengjie.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\mx_4zengjie[1].txt
- %TEMP%\nsf3.tmp\s2222.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\xiaoxinrili[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\shenma[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dianxin[1].gif
- %TEMP%\nsf3.tmp\shenmatv_dae_300.exe
- %TEMP%\nsf3.tmp\pipi_dae_274.exe
- %HOMEPATH%\Start Menu\Programs\їбІҐУ°КУ\Website.lnk
- %PROGRAM_FILES%\kuplay\їбІҐУ°КУ.url
- %HOMEPATH%\Start Menu\Programs\їбІҐУ°КУ\Uninstall.lnk
- %TEMP%\nsf3.tmp\System.dll
- %PROGRAM_FILES%\kuplay\uninst.exe
- %TEMP%\nsf3.tmp\FindProcDLL.dll
- %TEMP%\nso2.tmp
- %PROGRAM_FILES%\kuplay\play.exe
- %HOMEPATH%\Desktop\їбІҐУ°КУ.lnk
- %HOMEPATH%\Start Menu\Programs\їбІҐУ°КУ\їбІҐУ°КУ.lnk
- %TEMP%\nsf3.tmp\setup1146568.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\ruixing[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\gongjuhui[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pipi_dae_274[1].txt
- %TEMP%\nsf3.tmp\setups30112.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kk[1].htm
- %TEMP%\nsf3.tmp\inetc.dll
- %PROGRAM_FILES%\kuplay\black.htm
- %TEMP%\nsf3.tmp\vmmc_70205.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\baiduweishi[1].gif
- %TEMP%\nsf3.tmp\setups30112.exe
- %TEMP%\nsf3.tmp\setup_3038.exe
- %TEMP%\nsf3.tmp\setup1004.exe
- %TEMP%\nsf3.tmp\setup1146568.exe
- %TEMP%\nsf3.tmp\System.dll
- %TEMP%\nsf3.tmp\vmmc_70205.exe
- %TEMP%\nsf3.tmp\setup_open_3747.exe
- %TEMP%\nsf3.tmp\shenmatv_dae_300.exe
- %TEMP%\nsf3.tmp\s2222.exe
- %TEMP%\nsf3.tmp\FindProcDLL.dll
- %TEMP%\nsf3.tmp\inetc.dll
- %TEMP%\nsf3.tmp\90018_ailiao.exe
- %TEMP%\nsf3.tmp\dianxin_silent[108].exe
- %TEMP%\nsf3.tmp\pczh_155.exe
- %TEMP%\nsf3.tmp\pipi_dae_274.exe
- %TEMP%\nsf3.tmp\kuping_s_51022.exe
- %TEMP%\nsf3.tmp\mx_4zengjie.exe
- 'dl.#ipi.cn':80
- 'mk.##xthon.cn':80
- 'yu##.yyjdpm.net':80
- 'pu########.#28ceb8923f4f.d01.nanoyun.com':80
- pu########.#28ceb8923f4f.d01.nanoyun.com/xiaoxinrili.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/yinyuefm.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/ailiao.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/shenma.gif
- mk.##xthon.cn/max4/zxr/mx_4zengjie.txt
- pu########.#28ceb8923f4f.d01.nanoyun.com/wuji.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/dianxin.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/gongjuhui.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/ruixing.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/baiduweishi.gif
- dl.#ipi.cn/pipi_dae_274.txt
- pu########.#28ceb8923f4f.d01.nanoyun.com/zhihui.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/kuping.gif
- pu########.#28ceb8923f4f.d01.nanoyun.com/miaomiao.gif
- yu##.yyjdpm.net/kk.php
- DNS ASK pu########.#28ceb8923f4f.d01.nanoyun.com
- DNS ASK dl.#ipi.cn
- DNS ASK mk.##xthon.cn
- DNS ASK yu##.yyjdpm.net
- DNS ASK d.##dtw.com
- DNS ASK do##.guangsu.cn