Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'QvodTermi' = '%PROGRAM_FILES%\duoduo\QvodTermina.exe'
- %PROGRAM_FILES%\duoduo\kj.exe
- %PROGRAM_FILES%\duoduo\QvodTermina.exe
- %PROGRAM_FILES%\duoduo\box.exe
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://%7########2E%6D%6F%76%69%65sina.cn/
- %HOMEPATH%\Favorites\我的百宝箱.lnk
- %HOMEPATH%\Favorites\我的主页.lnk
- %HOMEPATH%\Favorites\腾讯 QQ.lnk
- %HOMEPATH%\Favorites\上网导航.lnk
- %HOMEPATH%\Favorites\淘宝商城.lnk
- %HOMEPATH%\Favorites\在线小游戏.lnk
- %HOMEPATH%\Start Menu\免费在线电影.lnk
- %HOMEPATH%\Start Menu\清纯校花.lnk
- %HOMEPATH%\Start Menu\360安全浏览器.lnk
- %HOMEPATH%\Favorites\大胆人体艺术.lnk
- %HOMEPATH%\Favorites\谷歌浏览器.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\我的百宝箱.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\我的主页.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\腾讯 QQ.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\上网导航.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\淘宝商城.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\在线小游戏.lnk
- %HOMEPATH%\Favorites\免费在线电影.lnk
- %HOMEPATH%\Favorites\清纯校花.lnk
- %HOMEPATH%\Favorites\360安全浏览器.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\大胆人体艺术.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\谷歌浏览器.lnk
- %HOMEPATH%\Start Menu\上网导航.lnk
- %HOMEPATH%\Desktop\我的百宝箱.lnk
- %HOMEPATH%\Desktop\我的主页.lnk
- %HOMEPATH%\Desktop\腾讯 QQ.lnk
- %HOMEPATH%\Desktop\上网导航.lnk
- %HOMEPATH%\Desktop\淘宝商城.lnk
- %HOMEPATH%\Desktop\在线小游戏.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\a[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\moviesina[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\tb[1].php
- %HOMEPATH%\Desktop\大胆人体艺术.lnk
- %HOMEPATH%\Desktop\谷歌浏览器.lnk
- %HOMEPATH%\Start Menu\我的主页.lnk
- %HOMEPATH%\Start Menu\在线小游戏.lnk
- %HOMEPATH%\Start Menu\我的百宝箱.lnk
- %HOMEPATH%\Start Menu\淘宝商城.lnk
- %HOMEPATH%\Start Menu\腾讯 QQ.lnk
- %HOMEPATH%\Start Menu\大胆人体艺术.lnk
- %HOMEPATH%\Desktop\清纯校花.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mm[1].htm
- %HOMEPATH%\Desktop\免费在线电影.lnk
- %HOMEPATH%\Start Menu\谷歌浏览器.lnk
- %HOMEPATH%\Desktop\360安全浏览器.lnk
- %PROGRAM_FILES%\rar\mm.ico
- %PROGRAM_FILES%\rar\movie.ico
- %PROGRAM_FILES%\rar\i.ico
- %PROGRAM_FILES%\rar\chrome.ico
- %PROGRAM_FILES%\rar\daohang.ico
- %PROGRAM_FILES%\rar\q.ico
- %PROGRAM_FILES%\rar\大胆人体艺术.lnk
- %PROGRAM_FILES%\rar\谷歌浏览器.lnk
- %PROGRAM_FILES%\rar\yx.ico
- %PROGRAM_FILES%\rar\taobao.ico
- %PROGRAM_FILES%\rar\xh.ico
- %PROGRAM_FILES%\duoduo\kj.exe
- %PROGRAM_FILES%\duoduo\res\91555game.ico
- %PROGRAM_FILES%\duoduo\box.exe
- %PROGRAM_FILES%\duoduo\Client.ini
- %PROGRAM_FILES%\duoduo\QvodTermina.exe
- %PROGRAM_FILES%\duoduo\res\Thumbs.db
- %PROGRAM_FILES%\rar\36.ico
- %PROGRAM_FILES%\rar\360安全浏览器.lnk
- C:\qcfg.ini
- %PROGRAM_FILES%\duoduo\res\b_logo_1.bmp
- %PROGRAM_FILES%\duoduo\res\logo_1.bmp
- %PROGRAM_FILES%\rar\免费在线电影.lnk
- %HOMEPATH%\Start Menu\Programs\我的百宝箱.lnk
- %HOMEPATH%\Start Menu\Programs\我的主页.lnk
- %HOMEPATH%\Start Menu\Programs\腾讯 QQ.lnk
- %HOMEPATH%\Start Menu\Programs\上网导航.lnk
- %HOMEPATH%\Start Menu\Programs\淘宝商城.lnk
- %HOMEPATH%\Start Menu\Programs\在线小游戏.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\免费在线电影.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\清纯校花.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\360安全浏览器.lnk
- %HOMEPATH%\Start Menu\Programs\大胆人体艺术.lnk
- %HOMEPATH%\Start Menu\Programs\谷歌浏览器.lnk
- %PROGRAM_FILES%\rar\腾讯 QQ.lnk
- %PROGRAM_FILES%\rar\我的百宝箱.lnk
- %PROGRAM_FILES%\rar\淘宝商城.lnk
- %PROGRAM_FILES%\rar\清纯校花.lnk
- %PROGRAM_FILES%\rar\上网导航.lnk
- %PROGRAM_FILES%\rar\我的主页.lnk
- %HOMEPATH%\Start Menu\Programs\免费在线电影.lnk
- %HOMEPATH%\Start Menu\Programs\清纯校花.lnk
- %HOMEPATH%\Start Menu\Programs\360安全浏览器.lnk
- %PROGRAM_FILES%\rar\在线小游戏.lnk
- %TEMP%\nsb3.tmp\inetc.dll
- 'ta####.55515.net':80
- 'localhost':1048
- 'www.mo###sina.cn':80
- '58.##8.199.187':28080
- 'localhost':1035
- 'localhost':1036
- 'www.le##tv.info':80
- ta####.55515.net/bd/tb.php?20######
- www.mo###sina.cn/
- www.le##tv.info/box/mm.htm
- www.le##tv.info/box/a.htm
- DNS ASK www.mo###sina.cn
- DNS ASK ta####.55515.net
- DNS ASK www.le##tv.info
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''