StartPage-NY!25C4D275E455

This page shows details and results of our analysis on the malware StartPage-NY!25C4D275E455.

Overview

This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.


Minimum Engine: 5600.1067

File Length: 224206

Description Added: 2014-03-31

Description Modified: 2014-03-31

Characteristics

This is a Trojan

File Properties | Property Values
McAfee Detection | StartPage-NY
Length | 224206 bytes
MD5 | 25c4d275e4552c49f4633eccf8c78518
SHA1 | de7de8120f2cfcb804d431715630f23d298e0314


Other Common Detection Aliases

Company Names | Detection Names
avast | NSIS:Adware-MT [PUP]
Dr.Web | Adware.Downware.2397
FortiNet | W32/StartPage.NY!tr
Symantec | Suspicious.Cloud.2
Eset | NSIS/TrojanDownloader.Grinidou.B trojan
Sophos | Mal/Generic-S
Trend Micro | TROJ_GEN.R0CBH06CU14
vba32 | Trojan.Downloader.gen.h (suspected)

Other brands and names may be claimed as the property of others.


Activities | Risk Levels
Attempts to connect to a high risk domain that may pose a security risk. | High
Attempts to download an executable file from the web. | Medium
Attempts to connect to a medium risk domain that may pose a minor security risk. | Medium
Creates one or more shortcuts (.LNK files) to provide user accessible links to start a program, usually from the desktop or start menu. | Low
Enumerates many system files and directories. | Low
Process attempts to call itself recursively. | Low
No digital signature is present. | Informational


McAfee Scans | Scan Detections
McAfee Beta | StartPage-NY
McAfee Supported | StartPage-NY



System Changes

Some path values have been replaced with environment variables as the exact location may vary with different configurations.
e.g.
%WINDIR% = \WINDOWS (Windows 9x/ME/XP/Vista/7), \WINNT (Windows NT/2000)
%PROGRAMFILES% = \Program Files


The following files were analyzed:

DE7DE8120F2CFCB804D431715630F23D298E0314

The following files have been added to the system:

  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_tree_noplay.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\scroll_bg_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\combo_btn_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_finder_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\progressbar_left.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_minishow_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_resotre_hover.png
  • %PROGRAMFILES%\\PlayerUtilits.dll
  • %PROGRAMFILES%\\UiResource.dll
  • %PROGRAMFILES%\\Skin\Default\loading\Main.swf
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_download_pause_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\download_loading.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_tree_playing.png
  • %PROGRAMFILES%\\DownloadUI.dll
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_showtree_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_btn_do_search_normal.png
  • %PROGRAMFILES%\\sohu.cfg
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_resotre_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_pause_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_pic_warn.png
  • %PROGRAMFILES%\\Skin\Default\player\window\win_normal_rc.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_reverse_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_hideconsole_disable.png
  • %PROGRAMFILES%\\Skin\Default\loading\playerloading.swf
  • %PROGRAMFILES%\\Sohuept.dll
  • %WINDIR%\SYSTEM32\IME\PINTLGNT\PINTLPHR.EXE
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_play_hover.png
  • %PROGRAMFILES%\\Codecs\mp4.dll
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_download_pause_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treecycle_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_fast_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\sliderbar_slider_hover.png
  • %PROGRAMFILES%\\plugin.xml
  • %PROGRAMFILES%\\SHApp.dll
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_cycleplay_hover.png
  • %PROGRAMFILES%\\PlayerPlugin.dll
  • %PROGRAMFILES%\\Codecs\mpegsplitter.ax
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\cs_yuan.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dlna_btn_ok_disabel.png
  • %PROGRAMFILES%\\Codecs\Real\28_83260.dll
  • %PROGRAMFILES%\\Codecs\ff_samplerate.dll
  • %WINDIR%\SYSTEM32\kbd106.dll
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treeclose_disable.png
  • %WINDIR%\SYSTEM32\kbdjpn.dll
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\cs_btn_common_normal.png
  • %PROGRAMFILES%\\SHGameRes.exe
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_open_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\window\r_min-hover.png
  • %PROGRAMFILES%\\Skin\Default\player\window\win_normal_ct.png
  • %WINDIR%\SYSTEM32\ime\tintlgnt\tintsetp.exe
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_afv_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_operating_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_upload_video_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\icon\asx.ico
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_del_nor.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_del_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_font_smart_hover.png
  • %PROGRAMFILES%\\SHUdpTool.dll
  • %WINDIR%\IME\CHTIME\Applets\CHTMBX.DLL
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\cs_zhizhen_1.png
  • %PROGRAMFILES%\\Skin\Default\player\window\r_close-nomal.png
  • %PROGRAMFILES%\\Skin\Default\player\window\win_set_topBK.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_cutprint_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_home_next_down.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_definition_pressed.png
  • %PROGRAMFILES%\\HotGamePlugin.dll
  • %WINDIR%\IME\imjp8_1\imjpdct.dll
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_2x_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_title_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_previous_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\window\win_normal_lt.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_home_pre_nor.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\scroll_sliderbg_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_clmsg_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_detail_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_fast_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_open_normal.png
  • %WINDIR%\SYSTEM32\IME\PINTLGNT\PMIGRATE.DLL
  • %PROGRAMFILES%\\Skin\Default\player\upload\us_five.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_retShow_normal.png
  • %PROGRAMFILES%\\Codecs\audioswitcher.ax
  • %ALLUSERSPROFILE%\Start Menu\Programs\\.lnk
  • %TEMP%\Sohuva_installer.7z
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_episode_pressed.png
  • %PROGRAMFILES%\\HomePagePlugin.dll
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treeclose_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_clearlist_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dlna_btn_open_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\i_no_link_old.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_resotre_pressed_top.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_rotate_right_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_speedhide_normal.png
  • %PROGRAMFILES%\\Codecs\ff_unrar.dll
  • %PROGRAMFILES%\\VideoConsolePlugin.dll
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_dwdplay_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\Bubble_up.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treeclose_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_smartset_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_sound_forbidden_hover.png
  • %WINDIR%\IME\imjp8_1\imjpinst.ini
  • %PROGRAMFILES%\\.ico
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_pause_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\scroll_arrowup_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_showMainCtrl_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_set_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\download_deletetask.png
  • %PROGRAMFILES%\\Skin\Default\player\menu\top_left.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_hideconsole_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_clearlist_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_soundless_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treefileopen_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_gotop_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_stick_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\icon\logo.ico
  • %PROGRAMFILES%\\SHVersion.dll
  • %PROGRAMFILES%\\Skin\Default\loading\gugao.swf
  • %PROGRAMFILES%\\EffectiveMergeMp4File.dll
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\i_no_hover.png
  • %WINDIR%\SYSTEM32\winime.ime
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\scroll_h_sliderbg_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\download_downloading.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_copyrul_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\window\error.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_fullshow_normal_top.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_cutprint_hover.png
  • %TEMP%\SoHuVA_4.3.0.1-c203948913-run-s-x.exe
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_btn_ok_pressed.png
  • %PROGRAMFILES%\\Skin\Default\loading\ranking.swf
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treesearch_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\sliderbar_palyerset_slider.png
  • %PROGRAMFILES%\\Skin\Default\player\menu\middle_center.png
  • %WINDIR%\SYSTEM32\unicdime.ime
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_download_begin_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_playerminus_pressedl.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dbtn_shortcut_create_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_playerminus_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dbtn_shortcut_del_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\desk_right.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_rotate_left_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\point_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\menu\select\menu_select_right_1.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_download_begin_hover.png
  • %PROGRAMFILES%\\Codecs\ff_wmv9.dll
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_sliderval_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_openfloder_pressed.png
  • %USERPROFILE%\Desktop\.lnk
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_home_next_nor.png
  • %PROGRAMFILES%\\Skin\Default\player\window\correct .png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_stop_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_1x_normal.png
  • %WINDIR%\SYSTEM32\imjp81.ime
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_gk_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treesearch_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_previous_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\us_four.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\sliderbar_slider_normal.png
  • %PROGRAMFILES%\\Codecs\qasf.dll
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_font_big_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dlna_connected.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_home_next_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_next_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_searchclose_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_cycleplay_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_speedhide_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_cutprint_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_share_pressed.png
  • %PROGRAMFILES%\\Skin\Default\logo\logo.ico
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\cs_bg.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_tool_copyrul_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_set_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_upload_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_hidetree_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_common_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_btn_search_pressed.png
  • %PROGRAMFILES%\\Codecs\ff_libdts.dll
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_retShow_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dlna_btn_refresh_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_btn_ok_hover.png
  • %WINDIR%\SYSTEM32\IME\PINTLGNT\PINTLGD.IMD
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\search_bk1.png
  • %PROGRAMFILES%\\videoLib.db
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_btn_cancel_pressed.png
  • %USERPROFILE%\Start Menu\Programs\\.lnk
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_operating_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\download_complete.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_detail_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\window\win_normal_lc.png
  • %PROGRAMFILES%\\npifox.dll
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\loading_btn.png
  • %PROGRAMFILES%\\sogou.ico
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_rotate_left_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_searchclosepressed..png
  • %PROGRAMFILES%\\Skin\Default\player\window\win_normal_rt.png
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_refresh_disable.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\vico_new.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_upload_nor.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_retry_h.png
  • %PROGRAMFILES%\\Codecs\splitter.ax
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_clmsg_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_operating_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_history_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dlna_btn_back_pressed.png
  • %WINDIR%\SYSTEM32\winar30.ime
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_sound_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_speedshow_hover.png
  • %PROGRAMFILES%\\libpthread-2.dll
  • %PROGRAMFILES%\\Skin\Default\player\window\r_close-pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\btn_close_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_restore_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\menu\middle_left.png
  • %PROGRAMFILES%\\Skin\Default\player\CenterConsole\btn_treecycle_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\icon\f4v.ico
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_stop_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_printscreen_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_download_begin_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_reverse_pressed.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\lyric_btn_search_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_fast_normal.png
  • %PROGRAMFILES%\\Skin\Default\player\upload\btn_download_delete_pressed.png
  • %PROGRAMFILES%\\Skin\Default\loading\skin\images\ico-1.png
  • %PROGRAMFILES%\\Skin\Default\player\window\btn_max_normal.png
  • %PROGRAMFILES%\\hotgame.ico
  • %WINDIR%\IME\shared\imlang.dll
  • %PROGRAMFILES%\\Skin\Default\player\Frames\dlna_btn_ok_hover.png
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\mode_sel.png
  • %PROGRAMFILES%\\Codecs\ts.dll
  • %PROGRAMFILES%\\Codecs\Real\cook.dll
  • %PROGRAMFILES%\\Skin\Default\player\CommonCtl\loading.png
  • %PROGRAMFILES%\\Skin\Default\player\Frames\btn_preLoad_pressed.png
  • %PROGRAMFILES%\\flyfoxDSFilter.dll

The following files were temporarily written to disk then later removed:


Symptoms

The symptoms of this detection are the files, registry, and network communication referenced in the characteristics section.

Method of Infection

Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Removal

Please use the following instructions for all supported versions of Windows:


1. Disable Windows System Restore. For instructions, please refer to: http://www.mcafee.com/us/downloads/free-tools/disabling-system-restore.aspx

2. Update your McAfee Anti-Virus product to the latest version (when possible), and ensure the latest DAT and Engine and any applicable EXTRA.DATs are installed.

3. Run a full system scan. (On-Demand Scan)

4. Reboot, as soon as it is convenient, to ensure all malicious components are removed.

Variants