Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'microsofthelp' = '%WINDIR%\microsofthelp.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\QvodSetup5.exe' = '%APPDATA%\QvodSetup5.exe:*:Enabled:QVOD'
- %WINDIR%\microsofthelp.exe
- %APPDATA%\QvodSetup5.exe
- %APPDATA%\2.exe
- %WINDIR%\HidePlugin.dll
- %TEMP%\3.bmp
- %TEMP%\qd5.ini
- %TEMP%\2.bmp
- %APPDATA%\QvodSetup5.exe
- %APPDATA%\2.exe
- %TEMP%\1.bmp
- %WINDIR%\microsofthelp.exe
- %APPDATA%\2.exe
- 'u.###cps.info':896
- 'qd.##aibo.com':80
- qd.##aibo.com/qd5.jpg
- DNS ASK u.###cps.info
- DNS ASK qd.##aibo.com
- '<Private IP address>':1041
- '<Private IP address>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''