Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\K8GM.exe' = '%ProgramFiles%\Kuai8\K8GM.exe:*:Enable...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\K8GM.exe' = '%ProgramFiles%\Kuai8\K8GM.exe:*:Enab...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\K8Flash.exe' = '%ProgramFiles%\Kuai8\K8Flash.exe:*:...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\K8Flash.exe' = '%ProgramFiles%\Kuai8\K8Flash.exe:...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\K8DLPlatform.exe' = '%ProgramFiles%\Kuai8\K8DLPlatf...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\K8DLPlatform.exe' = '%ProgramFiles%\Kuai8\K8DLPla...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\tool\K8RTLFix.exe' = '%ProgramFiles%\Kuai8\tool\K8R...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\tool\K8RTLFix.exe' = '%ProgramFiles%\Kuai8\tool\K...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\tool\K8PluginFix.exe' = '%ProgramFiles%\Kuai8\tool\...
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ProgramFiles%\Kuai8\tool\K8PluginFix.exe' = '%ProgramFiles%\Kuai8\too...
- %TEMP%\nsf2.tmp
- %APPDATA%\kuai8\data\local\recent.xml
- %TEMP%\gmtemp\restart.gmt
- %HOMEPATH%\Start Menu\Programs\їм°ЙУОП·\Р¶ФШїм°Й.lnk
- %HOMEPATH%\Start Menu\Programs\їм°ЙУОП·\їм°ЙТіУОґуМь.lnk
- %HOMEPATH%\Start Menu\Programs\їм°ЙУОП·\їм°ЙflashІҐ·ЕЖч.lnk
- %HOMEPATH%\Start Menu\Programs\їм°ЙУОП·\їм°ЙУОП·.lnk
- %HOMEPATH%\Desktop\їм°ЙТіУОґуМь.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\їм°ЙУОП·.lnk
- %APPDATA%\kuai8\data\search.gms-journal
- %ProgramFiles%\Kuai8\audio\complete.wav
- %APPDATA%\kuai8\data\plugin\search.gmx
- %APPDATA%\kuai8\data\plugin\pc.gmx
- %APPDATA%\kuai8\data\plugin\inwl.gmx
- %APPDATA%\kuai8\data\plugin\netwl.gmx
- %APPDATA%\kuai8\data\plugin\window.gmx
- %HOMEPATH%\Desktop\їм°ЙУОП·.lnk
- %ProgramFiles%\Kuai8\tool\K8PluginFix.exe
- %APPDATA%\kuai8\data\search.gms
- %APPDATA%\kuai8\slider\slider_201808_20180829095911108.jpg
- %APPDATA%\kuai8\slider\slider_201605_20160523162136750.gif
- %APPDATA%\kuai8\slider\slider_201809_20180912101055673.jpg
- %APPDATA%\kuai8\slider\slider_201809_20180912101043585.jpg
- %APPDATA%\kuai8\slider\slider_201808_20180809162850497.jpg
- %APPDATA%\kuai8\slider\slider_201808_20180809162846441.jpg
- %APPDATA%\kuai8\slider\slider_201809_20180914103415515.jpg
- %APPDATA%\kuai8\data\plugin\scan.gmx
- %APPDATA%\kuai8\data\local\user.xml
- %APPDATA%\kuai8\slider\slider_201810_20181031143512691.jpg
- %APPDATA%\kuai8\slider\slider_201810_20181022160918766.jpg
- %APPDATA%\kuai8\slider\slider_201810_20181022160902307.jpg
- %APPDATA%\kuai8\slider\slider_201811_20181101151644824.jpg
- %APPDATA%\kuai8\slider\slider_201811_20181101151634386.jpg
- %APPDATA%\kuai8\config\config.ini
- %APPDATA%\kuai8\cache.xml
- %APPDATA%\kuai8\slider\slider_201810_20181031143521521.jpg
- %APPDATA%\kuai8\config\config.xml
- %APPDATA%\kuai8\data\plugin\top.gmx
- %APPDATA%\kuai8\data\plugin\hot.gmx
- %APPDATA%\kuai8\data\database.gmx
- %ProgramFiles%\Kuai8\K8Version.dll
- %ProgramFiles%\Kuai8\Microsoft.VC80.CRT.manifest
- %ProgramFiles%\Kuai8\K8UIRender.dll
- %ProgramFiles%\Kuai8\K8DLPlatform.exe
- %ProgramFiles%\Kuai8\K8DLUtils.dll
- %ProgramFiles%\Kuai8\K8Common.dll
- %ProgramFiles%\Kuai8\K8UrlEncrypt.dll
- %APPDATA%\kuai8\slider\slider_201808_20180829095923892.jpg
- %ProgramFiles%\Kuai8\msvcr80.dll
- %ProgramFiles%\Kuai8\K8Update.exe
- %ProgramFiles%\Kuai8\K8Web.exe
- %ProgramFiles%\Kuai8\K8Browser.exe
- %ProgramFiles%\Kuai8\K8Flash.exe
- %ProgramFiles%\Kuai8\K8GM.exe
- %TEMP%\nsv3.tmp\K8NsisMiniExtend.dll
- %TEMP%\nsv3.tmp\System.dll
- %ProgramFiles%\Kuai8\K8BugReport.exe
- %APPDATA%\kuai8\slider\slider_201809_20180914103410644.jpg
- %ProgramFiles%\Kuai8\Uninstall.exe
- %ProgramFiles%\Kuai8\tool\K8Common.dll
- %ProgramFiles%\Kuai8\tool\K8RestoreWindow.dll
- %ProgramFiles%\Kuai8\tool\K8ShellIcon.dll
- %ProgramFiles%\Kuai8\tool\K8Shell.dll
- %ProgramFiles%\Kuai8\tool_x64\K8ShellIcon.dll
- %ProgramFiles%\Kuai8\tool_x64\K8Shell.dll
- %ProgramFiles%\Kuai8\tool\msvcr80.dll
- %ProgramFiles%\Kuai8\tool\msvcp80.dll
- %ProgramFiles%\Kuai8\tool\K8Bubble.exe
- %ProgramFiles%\Kuai8\tool\Microsoft.VC80.CRT.manifest
- %ProgramFiles%\Kuai8\msvcp80.dll
- %ProgramFiles%\Kuai8\tool\K8RTLFix.exe
- %ProgramFiles%\Kuai8\tool\K8MiniPage.exe
- %ProgramFiles%\Kuai8\tool\K8Tray.exe
- %ProgramFiles%\Kuai8\tool\K8External.exe
- %ProgramFiles%\Kuai8\tool\K8DLUtils.dll
- %ProgramFiles%\Kuai8\tool\K8UIRender.dll
- %ProgramFiles%\Kuai8\tool\K8NetDetect.exe
- %APPDATA%\kuai8\slider\slider_201808_20180829095935504.jpg
- %APPDATA%\kuai8\data\search.gms-journal
- %TEMP%\nsv3.tmp\K8NsisMiniExtend.dll
- %TEMP%\nsv3.tmp\System.dll
- %APPDATA%\kuai8\data\search.gms-journal
- 'up####.kuai8.com':80
- 'st##.kuai8.com':80
- 'se####e.kuai8.com':80
- 'ic##.kuai8.com':80
- http://up####.kuai8.com/update_hot.php?da##########################################################################################
- http://ic##.kuai8.com/slider/201808/20180829095911108.jpg
- http://ic##.kuai8.com/slider/201605/20160523162136750.gif
- http://ic##.kuai8.com/slider/201809/20180912101055673.jpg
- http://ic##.kuai8.com/slider/201809/20180912101043585.jpg
- http://ic##.kuai8.com/slider/201808/20180809162850497.jpg
- http://ic##.kuai8.com/slider/201808/20180809162846441.jpg
- http://up####.kuai8.com/update_tps.php?da########################################################################################################################################################...
- http://ic##.kuai8.com/slider/201809/20180914103415515.jpg
- http://ic##.kuai8.com/slider/201809/20180914103410644.jpg
- http://up####.kuai8.com/update_icon.php?da############################################################################
- http://ic##.kuai8.com/slider/201810/20181031143521521.jpg
- http://ic##.kuai8.com/slider/201810/20181031143512691.jpg
- http://ic##.kuai8.com/slider/201808/20180829095923892.jpg
- http://ic##.kuai8.com/slider/201810/20181022160918766.jpg
- http://ic##.kuai8.com/slider/201810/20181022160902307.jpg
- http://ic##.kuai8.com/slider/201811/20181101151644824.jpg
- http://up####.kuai8.com/update_icon.php?da##########################################################################
- http://ic##.kuai8.com/slider/201811/20181101151634386.jpg
- http://up####.kuai8.com/update_plugin.php?da#####################################################################################################################################################...
- http://up####.kuai8.com/bubble_action.php?da#####################################################################################################################################################...
- http://up####.kuai8.com/update/index.php?da######################################################################################################################################################...
- http://up####.kuai8.com/update_top.php?da####################################################################
- http://se####e.kuai8.com/time.php?da########
- http://st##.kuai8.com/stat.php?da####################################################################
- http://up####.kuai8.com/update_database.php?da########################################################################################
- http://up####.kuai8.com/update_top.php?da##########################################################################################
- http://st##.kuai8.com/online_stat.php?da#########################################################################################################################################################...
- http://ic##.kuai8.com/slider/201808/20180829095935504.jpg
- http://up####.kuai8.com/update_icon.php?da####################################################################
- http://st##.kuai8.com/stat/do_stat.php?da##########################################################################################################
- DNS ASK up####.kuai8.com
- DNS ASK st##.kuai8.com
- DNS ASK se####e.kuai8.com
- DNS ASK ic##.kuai8.com
- ClassName: 'GMBubbleWnd' WindowName: ''
- ClassName: 'GMKuaiBaWnd' WindowName: '????????'
- ClassName: 'GMKuaiBaWnd' WindowName: 'їм°ЙУОП·'
- ClassName: '' WindowName: '????Flash????'
- ClassName: '' WindowName: 'їм°ЙFlashУОП·'
- ClassName: '' WindowName: '????????????'
- ClassName: '' WindowName: 'їм°ЙНшТіУОП·'
- ClassName: '' WindowName: '??????????????'
- ClassName: '' WindowName: 'їм°ЙУОП·дЇААЖч'
- ClassName: 'Progman' WindowName: 'Program Manager'
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'SysListView32' WindowName: 'FolderView'
- '%ProgramFiles%\Kuai8\K8GM.exe' -update_data
- '%ProgramFiles%\Kuai8\K8Update.exe' -install
- '%ProgramFiles%\Kuai8\K8GM.exe' -show=3 -atonce
- '%ProgramFiles%\Kuai8\tool\K8Bubble.exe' -query_action
- '%ProgramFiles%\Kuai8\K8Update.exe' -update -delay=3 -type=1
- '<SYSTEM32>\regsvr32.exe' /s "%ProgramFiles%\Kuai8\tool\K8Shell.dll"
- '<SYSTEM32>\regsvr32.exe' /s "%ProgramFiles%\Kuai8\tool\K8ShellIcon.dll"