Technical Information
- %TEMP%\qs_2b122430\<File name>.log
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\desktop.ini
- %LOCALAPPDATA%low\cookieman.exe
- %TEMP%\symccis.dll
- %TEMP%\symccis2.zip
- %TEMP%\qs_2b122430\3dfallingleavesawp_13326.txt
- %TEMP%\qs_2b122430\yahoo_keepmysettingsx.vi.zip
- %TEMP%\qs_2b122430\yahoo_hpds_startpage.vi.zip
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\desktop.ini
- %TEMP%\qs_2b122430\yahoo_hpds_defaultsearch.vi.zip
- %TEMP%\qs_2b122430\omgcleanmypc.vi.zip
- %TEMP%\qs_2b122430\savepathdeals.vi.zip
- %TEMP%\qs_2b122430\pcspeedboost.vi.zip
- %TEMP%\qs_2b122430\lookthisup.vi.zip
- %TEMP%\qs_2b122430\spyhunter.vi.zip
- %TEMP%\qs_2b122430\websearches.vi.zip
- %TEMP%\qs_2b122430\smartweb.vi.zip
- %TEMP%\qs_2b122430\omgprivacyshield.vi.zip
- %LOCALAPPDATA%low\cookie.ini
- %TEMP%\qs_2b122430\postback.response.json
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\index.dat
- %TEMP%\ccd6e6e.tmp
- %TEMP%\ccd6ce7.tmp-wal
- %TEMP%\ccd6ce7.tmp-shm
- %TEMP%\ccd6ce7.tmp
- %TEMP%\ccd6b31.tmp
- %TEMP%\ccd6a27.tmp-wal
- %TEMP%\ccd6a27.tmp-shm
- %TEMP%\qs_2b122430\yahoo_hpds_startpage.test.vi.zip
- %TEMP%\ccd6a27.tmp
- %APPDATA%\microsoft\windows\ietldcache\low\index.dat
- %LOCALAPPDATA%\microsoft\windows\history\low\history.ie5\index.dat
- %APPDATA%\microsoft\windows\cookies\low\index.dat
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\mqpufdnr\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\4li0gvwq\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\tk92q823\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\tn5kgih5\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\history\low\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\history\low\history.ie5\desktop.ini
- %TEMP%\qs_2b122430\converterfreeonline.vi.zip
- %TEMP%\qs_2b122430\driverfighter.vi.zip
- %TEMP%\qs_2b122430\maxthon.vi.zip
- %TEMP%\qs_2b122430\browseignite.vi.zip
- %TEMP%\qs_2b122430\nortonsecurityscan.vi.zip
- %TEMP%\qs_2b122430\weatherbug.vi.zip
- %TEMP%\qs_2b122430\snapdo.vi.zip
- %TEMP%\qs_2b122430\smartpccleaner.vi.zip
- %TEMP%\qs_2b122430\fulldiskfighter.vi.zip
- %TEMP%\qs_2b122430\winferno.vi.zip
- %TEMP%\qs_2b122430\driverscanner.vi.zip
- %TEMP%\qs_2b122430\pcspeedup.vi.zip
- %TEMP%\qs_2b122430\pcoptimizerpro_offer.vi.zip
- %TEMP%\qs_2b122430\offerbox.vi.zip
- %TEMP%\qs_2b122430\rockettab.vi.zip
- %TEMP%\qs_2b122430\3dfallingleavesawp.vi.zip
- %TEMP%\qs_2b122430\petite_oo_v5.vi.zip
- %TEMP%\qs_2b122430\config.xml
- %TEMP%\qs_2b122430\registryhelper.vi.zip
- %TEMP%\qs_2b122430\severeweatheralerts.vi.zip
- %TEMP%\qs_2b122430\contentexplorer.vi.zip
- %TEMP%\qs_2b122430\kaspersky.vi.zip
- %TEMP%\qs_2b122430\driversupport.vi.zip
- %TEMP%\qs_2b122430\convertfilesforfree.vi.zip
- %TEMP%\qs_2b122430\speedupmypc_sales_r2_v2.vi.zip
- %TEMP%\qs_2b122430\mypcbackup.vi.zip
- %TEMP%\qs_2b122430\blitzmediaplayeroffer.vi.zip
- %TEMP%\qs_2b122430\resultsbay.vi.zip
- %TEMP%\qs_2b122430\yahoo_hpds_defaultsearch.test.vi.zip
- %TEMP%\qs_2b122430\smartdriverupdater.vi.zip
- %TEMP%\qs_2b122430\nortonantivirus.vi.zip
- %TEMP%\qs_2b122430\arcadeparlor.vi.zip
- %TEMP%\qs_2b122430\yahoosuite.vi.zip
- %TEMP%\qs_2b122430\webbar.vi.zip
- %TEMP%\qs_2b122430\defaulttab.vi.zip
- %TEMP%\qs_2b122430\nortoninternetsecurity.vi.zip
- %TEMP%\qs_2b122430\astroarcade.vi.zip
- %TEMP%\qs_2b122430\slowpcfighter.vi.zip
- %TEMP%\qs_2b122430\uninstallhelper.vi.zip
- %TEMP%\qs_2b122430\statsd.response.txt
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\tn5kgih5\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\tk92q823\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\4li0gvwq\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\low\content.ie5\mqpufdnr\desktop.ini
- %LOCALAPPDATA%\microsoft\windows\history\low\history.ie5\desktop.ini
- %LOCALAPPDATA%low\cookie.ini
- %TEMP%\qs_2b122430\pcspeedboost.vi.zip
- %TEMP%\qs_2b122430\pcspeedup.vi.zip
- %TEMP%\qs_2b122430\petite_oo_v5.vi.zip
- %TEMP%\qs_2b122430\postback.response.json
- %TEMP%\qs_2b122430\registryhelper.vi.zip
- %TEMP%\qs_2b122430\resultsbay.vi.zip
- %TEMP%\qs_2b122430\rockettab.vi.zip
- %TEMP%\qs_2b122430\savepathdeals.vi.zip
- %TEMP%\qs_2b122430\severeweatheralerts.vi.zip
- %TEMP%\qs_2b122430\slowpcfighter.vi.zip
- %TEMP%\qs_2b122430\smartdriverupdater.vi.zip
- %TEMP%\qs_2b122430\smartpccleaner.vi.zip
- %TEMP%\qs_2b122430\smartweb.vi.zip
- %TEMP%\qs_2b122430\config.xml
- %TEMP%\qs_2b122430\snapdo.vi.zip
- %TEMP%\qs_2b122430\spyhunter.vi.zip
- %TEMP%\qs_2b122430\statsd.response.txt
- %TEMP%\qs_2b122430\uninstallhelper.vi.zip
- %TEMP%\qs_2b122430\weatherbug.vi.zip
- %TEMP%\qs_2b122430\webbar.vi.zip
- %TEMP%\qs_2b122430\websearches.vi.zip
- %TEMP%\qs_2b122430\winferno.vi.zip
- %TEMP%\qs_2b122430\yahoosuite.vi.zip
- %TEMP%\qs_2b122430\yahoo_hpds_defaultsearch.test.vi.zip
- %TEMP%\qs_2b122430\yahoo_hpds_defaultsearch.vi.zip
- %TEMP%\qs_2b122430\yahoo_hpds_startpage.test.vi.zip
- %TEMP%\qs_2b122430\yahoo_hpds_startpage.vi.zip
- %TEMP%\qs_2b122430\yahoo_keepmysettingsx.vi.zip
- %TEMP%\qs_2b122430\omgprivacyshield.vi.zip
- %TEMP%\qs_2b122430\pcoptimizerpro_offer.vi.zip
- %TEMP%\qs_2b122430\omgcleanmypc.vi.zip
- %TEMP%\qs_2b122430\offerbox.vi.zip
- %TEMP%\qs_2b122430\nortonsecurityscan.vi.zip
- %TEMP%\ccd6a27.tmp-shm
- %TEMP%\ccd6a27.tmp-wal
- %TEMP%\ccd6b31.tmp
- %LOCALAPPDATA%low\cookieman.exe
- %TEMP%\ccd6ce7.tmp
- %TEMP%\ccd6ce7.tmp-shm
- %TEMP%\ccd6ce7.tmp-wal
- %TEMP%\ccd6e6e.tmp
- %TEMP%\qs_2b122430\3dfallingleavesawp.vi.zip
- %TEMP%\qs_2b122430\3dfallingleavesawp_13326.txt
- %TEMP%\qs_2b122430\arcadeparlor.vi.zip
- %TEMP%\qs_2b122430\astroarcade.vi.zip
- %TEMP%\qs_2b122430\blitzmediaplayeroffer.vi.zip
- %TEMP%\symccis2.zip
- %TEMP%\qs_2b122430\speedupmypc_sales_r2_v2.vi.zip
- %TEMP%\qs_2b122430\browseignite.vi.zip
- %TEMP%\qs_2b122430\converterfreeonline.vi.zip
- %TEMP%\qs_2b122430\convertfilesforfree.vi.zip
- %TEMP%\qs_2b122430\defaulttab.vi.zip
- %TEMP%\qs_2b122430\driverfighter.vi.zip
- %TEMP%\qs_2b122430\driverscanner.vi.zip
- %TEMP%\qs_2b122430\driversupport.vi.zip
- %TEMP%\qs_2b122430\fulldiskfighter.vi.zip
- %TEMP%\qs_2b122430\kaspersky.vi.zip
- %TEMP%\qs_2b122430\lookthisup.vi.zip
- %TEMP%\qs_2b122430\maxthon.vi.zip
- %TEMP%\qs_2b122430\mypcbackup.vi.zip
- %TEMP%\qs_2b122430\nortonantivirus.vi.zip
- %TEMP%\qs_2b122430\nortoninternetsecurity.vi.zip
- %TEMP%\ccd6a27.tmp
- %TEMP%\qs_2b122430\contentexplorer.vi.zip
- %TEMP%\symccis.dll
- http://1-####taller.com/api/trackofferinstalldetails
- http://su####-smiles.com/
- http://in#####t.appclick.co/api/values/count
- DNS ASK dl#.###0installer.com
- DNS ASK 1-####taller.com
- DNS ASK su####-smiles.com
- DNS ASK in#####t.appclick.co
- '%LOCALAPPDATA%low\cookieman.exe' /mode=read 1-vinstaller.com