Technical Information
- [HKLM\SOFTWARE\Classes\fsp\shell\open\command] '' = '"%ProgramFiles(x86)%\Funshion Online\Funshion\Funshion.exe" "%1"'
- [HKLM\Software\Classes\Funshion Task\shell\open\Command] '' = '"%ProgramFiles(x86)%\Funshion Online\Funshion\Funshion.exe" "%1" /dummy'
- [HKLM\Software\Wow6432Node\MicroSoft\windows\CurrentVersion\Run] 'Funshion' = '%ProgramFiles(x86)%\Funshion Online\Funshion\Funshion.exe /tray'
- %TEMP%\nsye1b7.tmp
- %HOMEPATH%\funshion\cacheflash\donghua3_18.swf
- %TEMP%\funshion.ini
- %WINDIR%\syswow64\coreaac.ax
- %WINDIR%\syswow64\aac_parser.ax
- %WINDIR%\syswow64\rmsp.ax
- %ProgramFiles(x86)%\funshion online\funshion\drvc.dll
- %ProgramFiles(x86)%\funshion online\funshion\cook.dll
- %ProgramFiles(x86)%\funshion online\funshion\rmoc3260.dll
- %ProgramFiles(x86)%\funshion online\funshion\pndx5032.dll
- %ProgramFiles(x86)%\funshion online\funshion\pndx5016.dll
- %ProgramFiles(x86)%\funshion online\funshion\pncrt.dll
- %HOMEPATH%\funshion.ini
- %WINDIR%\syswow64\funshion.ini
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\en_rcmd.bmp
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\en_fin.bmp
- %HOMEPATH%\funshion\cacheflash\donghua1_16.swf
- %HOMEPATH%\funshion\flash-1.swf
- %TEMP%\getmacaddress.dll
- %ProgramFiles(x86)%\funshion online\funshion\funshionimg.jpg
- %TEMP%\nsof152.tmp\nsisdl.dll
- %TEMP%\nsof152.tmp\md5dll.dll
- %ProgramFiles(x86)%\funshion online\funshion\uninstall.exe
- %ProgramFiles(x86)%\funshion online\funshion\faq.url
- %ProgramFiles(x86)%\funshion online\funshion\updatehistory.url
- %ProgramFiles(x86)%\funshion online\funshion\softwaredown.url
- %ProgramFiles(x86)%\funshion online\funshion\softreadme.url
- %APPDATA%\microsoft\internet explorer\quick launch\funshion movie on demand.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\funshion\uninstall funshion movie on demand.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\funshion\update history.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\funshion\faq.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\funshion\download more decoders.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\funshion\what's funshion.lnk
- C:\users\public\desktop\funshion movie on demand.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\funshion\funshion movie on demand.lnk
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\ch_rcmd.bmp
- %HOMEPATH%\funshion\cacheflash\blankfs.swf
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\ch_fin.bmp
- %TEMP%\installfilescn2.bmp
- %TEMP%\installpathen.bmp
- %TEMP%\installpathcn.bmp
- %TEMP%\licenseen.bmp
- %TEMP%\licensecn.bmp
- %TEMP%\welcome.bmp
- %TEMP%\blank.bmp
- %TEMP%\instpath.ini
- %TEMP%\welcomepage.ini
- %TEMP%\nsof152.tmp\instpath.ini
- %TEMP%\nsof152.tmp\welcomepage.ini
- %TEMP%\nsof152.tmp\killprocdll.dll
- %TEMP%\nsof152.tmp\findprocdll.dll
- %TEMP%\nsof152.tmp\system.dll
- <Current directory>\temp\legendlog.ini
- %TEMP%\legendlog.ini
- %TEMP%\installfilescn3.bmp
- %TEMP%\installfilesen3.bmp
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\5.bmp
- %TEMP%\installfilesen2.bmp
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\4.bmp
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\3.bmp
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\evid4226-vc80-mt.exe
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\installlangam.dll
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\funshioninstall.exe
- %ProgramFiles(x86)%\funshion online\funshion\xmllite.dll
- %ProgramFiles(x86)%\funshion online\funshion\quality.dll
- %ProgramFiles(x86)%\funshion online\funshion\funshionplugin2.dll
- %ProgramFiles(x86)%\funshion online\funshion\dbghelp.dll
- %ProgramFiles(x86)%\funshion online\funshion\routersetting.dll
- %ProgramFiles(x86)%\funshion online\funshion\pausewebclosebtn.bmp
- %ProgramFiles(x86)%\funshion online\funshion\langresenamerican.dll
- %ProgramFiles(x86)%\funshion online\funshion\getmacaddress.dll
- %ProgramFiles(x86)%\funshion online\funshion\funshion.exe
- %ProgramFiles(x86)%\funshion online\funshion\crashreport.exe
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\bmps\dialog.bmp
- %ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\install.ini
- %ProgramFiles(x86)%\funshion online\funshion\getmacaddress.dll
- %TEMP%\nsof152.tmp\nsisdl.dll
- %TEMP%\nsof152.tmp\md5dll.dll
- %TEMP%\nsof152.tmp\killprocdll.dll
- %TEMP%\nsof152.tmp\instpath.ini
- %TEMP%\nsof152.tmp\findprocdll.dll
- %TEMP%\installfilesen3.bmp
- %TEMP%\installfilesen2.bmp
- %TEMP%\installfilescn3.bmp
- %TEMP%\nsof152.tmp\system.dll
- %TEMP%\installfilescn2.bmp
- %TEMP%\installpathen.bmp
- %TEMP%\installpathcn.bmp
- %TEMP%\licenseen.bmp
- %TEMP%\licensecn.bmp
- %TEMP%\welcome.bmp
- %TEMP%\instpath.ini
- %TEMP%\welcomepage.ini
- %TEMP%\funshion.ini
- %TEMP%\blank.bmp
- %TEMP%\nsof152.tmp\welcomepage.ini
- from %TEMP%\legendlog.ini to %LOCALAPPDATA%\temp
- 'pa#####.funshion.com':80
- http://pa#####.funshion.com/partner/install_statistic.php?s=#####################################################################################
- http://www.fu###ion.com/help/soft
- http://pa#####.funshion.com/partner/query_binding_config.php?ch##############
- DNS ASK pa#####.funshion.com
- DNS ASK fu###ion.com
- '%ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\funshioninstall.exe'
- '%ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\evid4226-vc80-mt.exe'
- '%WINDIR%\syswow64\regsvr32.exe' /s "<SYSTEM32>\rmsp.ax"
- '%WINDIR%\syswow64\regsvr32.exe' /s "<SYSTEM32>\aac_parser.ax"
- '%WINDIR%\syswow64\regsvr32.exe' /s "<SYSTEM32>\CoreAAC.ax"
- '%WINDIR%\syswow64\regsvr32.exe' /s "<SYSTEM32>\quartz.dll"
- '%ProgramFiles(x86)%\funshion online\funshion\xpsp2patch\evid4226-vc80-mt.exe' ' (with hidden window)