Technical Information
- '%TEMP%\setup_qd206.exe'
- '%TEMP%\setup_qd206.exe' (downloaded from the Internet)
- %TEMP%\nsp7.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\setup_qd206[1].txt
- %HOMEPATH%\Start Menu\Programs\swiffplay\Uninstall.lnk
- %PROGRAM_FILES%\swiffplay\uninst.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\1[1].txt
- %TEMP%\2.exe
- %TEMP%\setup_qd206.exe
- %TEMP%\nsp7.tmp\Base64.dll
- %TEMP%\nsp7.tmp\System.dll
- %TEMP%\nsv3.tmp\Base64.dll
- %TEMP%\nsv3.tmp\inetc.dll
- %TEMP%\nsf2.tmp
- %TEMP%\nsv3.tmp\System.dll
- %TEMP%\nsl4.tmp
- %TEMP%\nsz6.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\iplookup[1].php
- %TEMP%\i.dll
- %TEMP%\nsp7.tmp\inetc.dll
- %TEMP%\nsp7.tmp\System.dll
- %TEMP%\nsl4.tmp
- %TEMP%\nsp7.tmp\Base64.dll
- 'www.qd##zz.com':80
- 'do##.guangsu.cn':80
- 'in#.###ol.sina.com.cn':80
- www.qd##zz.com/t//1.txt
- do##.guangsu.cn/qdn/setup_qd206.txt
- in#.###ol.sina.com.cn/iplookup/iplookup.php
- DNS ASK www.qd##zz.com
- DNS ASK do##.guangsu.cn
- DNS ASK in#.###ol.sina.com.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'