Technical Information
Process command lines (quoted image path, followed by any arguments):
- '<LS_APPDATA>\install1585095.exe'
- '<LS_APPDATA>\jgimeside_yllm_105.exe'
- '<LS_APPDATA>\QQPCDownload45016.exe'
- '<LS_APPDATA>\srigtp_70577.exe'
- '<LS_APPDATA>\uupic_1016.exe'
- '<LS_APPDATA>\fgcn_102099.exe'
- '<LS_APPDATA>\OfficeAssist.0195.80.1013.exe'
- '<LS_APPDATA>\Browser_V3.0.947.0_r_4292_(Build14090214).exe'
- '<LS_APPDATA>\setupsbdm-hh-3531.exe'
- '<LS_APPDATA>\yxku_s[213].exe'
- '<LS_APPDATA>\sjss_jing_oo_000001.exe'
- '<LS_APPDATA>\zhezi_setup_ZCDB.exe'
- '<LS_APPDATA>\setup_fdd0_p3c0.exe'
- '<LS_APPDATA>\365weatherIns_176.exe'
- '<LS_APPDATA>\tqrl_88_32387.exe'
- '<LS_APPDATA>\setup_s1002.exe'
- '<LS_APPDATA>\livedt_brqds_3.5.0_500dx.exe'
- '<LS_APPDATA>\setup_1002_.exe'
- '<LS_APPDATA>\kt_b_80176.exe'
- '<LS_APPDATA>\Joke_-0001u_xh2014._301uh.exe'
- '<LS_APPDATA>\apples_9_32387.exe'
- '<LS_APPDATA>\setup_v_62624.exe'
- '<LS_APPDATA>\QQBrowser_Setup_Hk_78656.exe'
- '<LS_APPDATA>\cz_461.exe'
- '<LS_APPDATA>\F0814_s_30827.exe'
- '<LS_APPDATA>\114lm-32387.exe'
- '<LS_APPDATA>\qiqibox_1016.exe'
- '<LS_APPDATA>\see_3196.exe'
- '<LS_APPDATA>\UUSEE_kb1003_Setup_169339.exe'
- '<LS_APPDATA>\cz_461.exe' (downloaded from the Internet)
- '<LS_APPDATA>\kt_b_80176.exe' (downloaded from the Internet)
- '<LS_APPDATA>\apples_9_32387.exe' (downloaded from the Internet)
- '<LS_APPDATA>\setup_fdd0_p3c0.exe' (downloaded from the Internet)
- '<LS_APPDATA>\setup_s1002.exe' (downloaded from the Internet)
- '<LS_APPDATA>\sjss_jing_oo_000001.exe' (downloaded from the Internet)
- '<LS_APPDATA>\see_3196.exe' (downloaded from the Internet)
- '<LS_APPDATA>\365weatherIns_176.exe' (downloaded from the Internet)
- '<LS_APPDATA>\zhezi_setup_ZCDB.exe' (downloaded from the Internet)
- '<LS_APPDATA>\setup_1002_.exe' (downloaded from the Internet)
- '<LS_APPDATA>\tqrl_88_32387.exe' (downloaded from the Internet)
- '<LS_APPDATA>\setup_v_62624.exe' (downloaded from the Internet)
- '<LS_APPDATA>\livedt_brqds_3.5.0_500dx.exe' (downloaded from the Internet)
- '<LS_APPDATA>\Joke_-0001u_xh2014._301uh.exe' (downloaded from the Internet)
- '<LS_APPDATA>\setupsbdm-hh-3531.exe' (downloaded from the Internet)
- '<LS_APPDATA>\uupic_1016.exe' (downloaded from the Internet)
- '<LS_APPDATA>\Browser_V3.0.947.0_r_4292_(Build14090214).exe' (downloaded from the Internet)
- '<LS_APPDATA>\OfficeAssist.0195.80.1013.exe' (downloaded from the Internet)
- '<LS_APPDATA>\114lm-32387.exe' (downloaded from the Internet)
- '<LS_APPDATA>\fgcn_102099.exe' (downloaded from the Internet)
- '<LS_APPDATA>\UUSEE_kb1003_Setup_169339.exe' (downloaded from the Internet)
- '<LS_APPDATA>\QQPCDownload45016.exe' (downloaded from the Internet)
- '<LS_APPDATA>\srigtp_70577.exe' (downloaded from the Internet)
- '<LS_APPDATA>\yxku_s[213].exe' (downloaded from the Internet)
- '<LS_APPDATA>\qiqibox_1016.exe' (downloaded from the Internet)
- '<LS_APPDATA>\jgimeside_yllm_105.exe' (downloaded from the Internet)
- '<LS_APPDATA>\QQBrowser_Setup_Hk_78656.exe' (downloaded from the Internet)
- '<LS_APPDATA>\F0814_s_30827.exe' (downloaded from the Internet)
- '<LS_APPDATA>\install1585095.exe' (downloaded from the Internet)
- '<SYSTEM32>\taskkill.exe' /F /IM <Virus name>.exe
- '<SYSTEM32>\cmd.exe' /c <Full path to virus>.bat
File paths (the operation performed on each file is not stated in this listing):
- <LS_APPDATA>\QQPCDownload45016.exe
- <LS_APPDATA>\yxku_s[213].exe
- <LS_APPDATA>\livedt_brqds_3.5.0_500dx.exe
- <LS_APPDATA>\srigtp_70577.exe
- <LS_APPDATA>\uupic_1016.exe
- <LS_APPDATA>\jgimeside_yllm_105.exe
- <LS_APPDATA>\install1585095.exe
- <LS_APPDATA>\setup_s1002.exe
- <LS_APPDATA>\sjss_jing_oo_000001.exe
- <LS_APPDATA>\365weatherIns_176.exe
- <LS_APPDATA>\setup_fdd0_p3c0.exe
- <LS_APPDATA>\zhezi_setup_ZCDB.exe
- <LS_APPDATA>\kt_b_80176.exe
- <LS_APPDATA>\setup_1002_.exe
- <LS_APPDATA>\tqrl_88_32387.exe
- <LS_APPDATA>\apples_9_32387.exe
- <LS_APPDATA>\qiqibox_1016.exe
- <LS_APPDATA>\F0814_s_30827.exe
- <LS_APPDATA>\cz_461.exe
- %PROGRAM_FILES%\open.ini
- <LS_APPDATA>\see_3196.exe
- <LS_APPDATA>\setup_v_62624.exe
- <LS_APPDATA>\QQBrowser_Setup_Hk_78656.exe
- <LS_APPDATA>\fgcn_102099.exe
- <LS_APPDATA>\setupsbdm-hh-3531.exe
- <LS_APPDATA>\Browser_V3.0.947.0_r_4292_(Build14090214).exe
- <LS_APPDATA>\OfficeAssist.0195.80.1013.exe
- <LS_APPDATA>\Joke_-0001u_xh2014._301uh.exe
- <LS_APPDATA>\UUSEE_kb1003_Setup_169339.exe
- <LS_APPDATA>\114lm-32387.exe
- %PROGRAM_FILES%\open.ini
Network endpoints as host:port (part of each host name is masked with '#'):
- 'dl###6.qq.com':80
- 'do##.#ingfubobo.com':80
- 'do##.071dt.com':80
- 'jm#.###jianpinyin.net':6734
- 'do##.#aisong8.com':80
- 'wo####o.qiniudn.com':80
- 'dn###rs.qbox.me':80
- 'my####te.dlwns.cn':80
- 'ju##.#nzhubo.net':3234
- 'st####.adshendun.com':80
- 'do#####d.t.zhezi.com':80
- 'xz.###nxinshu.com':80
- 'do##.#unasou.com':80
- 'dl.##bizhi.com':80
- 'do#####d.uukantu.com':80
- 'be##.8910ad.com':80
- 'dl.##duqq.com':80
- '12#.#25.114.144':80
- 'im##.chizao.com':80
- 'wz.##huashi.com':80
- 'am##.#iniudn.com':80
- 'se####.litsoft.com.cn':80
- 'cn##.#iniudn.com':80
- 'd.###q365.com':80
- 'do##2.uc.cn':80
- 'wd##.#ache.wps.cn':80
- 'dl###1.qq.com':80
- 'dd.##aidui.com':80
- 'do####ad.uusee.com':80
URLs, scheme omitted (host names and query strings are partly masked with '#'):
- dl###6.qq.com/invc/xfspeed/qqpcmgr/download/QQPCDownload45016.exe
- do##.#ingfubobo.com/yxku/bind/yxku_s[213].exe
- do##.071dt.com/bind/livedt_brqds_3.5.0_500dx.exe
- dn###rs.qbox.me/srigtp_70577.exe
- do#####d.uukantu.com/uupic_1016.exe
- do##.#aisong8.com/input/jgimeside_yllm_105.exe
- wo####o.qiniudn.com/install1585095%20.exe
- my####te.dlwns.cn/oo.asp?id#######
- wo####o.qiniudn.com/365weatherIns_176.exe
- st####.adshendun.com/vbclient/download/silent/setup_fdd0_p3c0.exe
- do#####d.t.zhezi.com/setup/ZC/zhezi_setup_ZCDB.exe
- xz.###nxinshu.com/download/setup_s1002.exe
- do##.#unasou.com/kt/kt_b_80176.exe
- dl.##bizhi.com/down/vkwk/setup_1002_.exe
- be##.8910ad.com/iclk/?zo#####################
- dl.##duqq.com/download/qiqibox_1016.exe
- 12#.#25.114.144/go/full/2/30827
- im##.chizao.com/cz_461.exe
- wz.##huashi.com/tongji.asp?sn######################################################
- am##.#iniudn.com/see_3196.exe
- se####.litsoft.com.cn/search/setup_v_62624.exe
- cn##.#iniudn.com/fgcn_102099.exe
- d.###q365.com/setupsbdm-hh-3531.exe
- do##2.uc.cn/pcbrowser/down.php?pi######
- wd##.#ache.wps.cn/wps/download/OfficeAssist.0195.80.1013.exe
- dl###1.qq.com/invc/tt/QQBrowser_Setup_Hk_78656.exe
- dd.##aidui.com/http/Joke_-0001u_xh2014._301uh.exe
- do####ad.uusee.com/pop/down_new.php?u=###################
DNS queries:
- DNS ASK dl###6.qq.com
- DNS ASK do##.#ingfubobo.com
- DNS ASK do##.071dt.com
- DNS ASK jm#.###jianpinyin.net
- DNS ASK do##.#aisong8.com
- DNS ASK wo####o.qiniudn.com
- DNS ASK dn###rs.qbox.me
- DNS ASK my####te.dlwns.cn
- DNS ASK ju##.#nzhubo.net
- DNS ASK st####.adshendun.com
- DNS ASK do#####d.t.zhezi.com
- DNS ASK xz.###nxinshu.com
- DNS ASK do##.#unasou.com
- DNS ASK dl.##bizhi.com
- DNS ASK do#####d.uukantu.com
- DNS ASK be##.8910ad.com
- DNS ASK dl.##duqq.com
- DNS ASK w.#.#aidu.com
- DNS ASK im##.chizao.com
- DNS ASK wz.##huashi.com
- DNS ASK am##.#iniudn.com
- DNS ASK se####.litsoft.com.cn
- DNS ASK cn##.#iniudn.com
- DNS ASK d.###q365.com
- DNS ASK do##2.uc.cn
- DNS ASK wd##.#ache.wps.cn
- DNS ASK dl###1.qq.com
- DNS ASK dd.##aidui.com
- DNS ASK do####ad.uusee.com
Window class name / window title pairs:
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''