Техническая информация
- '<SYSTEM32>\regsvr32.exe' atl.dll /s
- Библиотека-обработчик для всех процессов: <Текущая директория>\cfgdll.dll
- %ProgramFiles%\blct_game_1\Btwo_14.bmp
- %ProgramFiles%\blct_game_1\Btwo_15.bmp
- %ProgramFiles%\blct_game_1\Btwo_12.bmp
- %ProgramFiles%\blct_game_1\Btwo_13.bmp
- %ProgramFiles%\blct_game_1\Btwo_16.bmp
- %ProgramFiles%\blct_game_1\Btwo_19.bmp
- %ProgramFiles%\blct_game_1\Btwo_20.bmp
- %ProgramFiles%\blct_game_1\Btwo_17.bmp
- %ProgramFiles%\blct_game_1\Btwo_18.bmp
- %ProgramFiles%\blct_game_1\Btwo_5.bmp
- %ProgramFiles%\blct_game_1\Btwo_6.bmp
- %ProgramFiles%\blct_game_1\Btwo_3.bmp
- %ProgramFiles%\blct_game_1\Btwo_4.bmp
- %ProgramFiles%\blct_game_1\Btwo_7.bmp
- %ProgramFiles%\blct_game_1\Btwo_10.bmp
- %ProgramFiles%\blct_game_1\Btwo_11.bmp
- %ProgramFiles%\blct_game_1\Btwo_8.bmp
- %ProgramFiles%\blct_game_1\Btwo_9.bmp
- %ProgramFiles%\blct_game_1\fs3.bmp
- %ProgramFiles%\blct_game_1\fs4.bmp
- %ProgramFiles%\blct_game_1\fs1.bmp
- %ProgramFiles%\blct_game_1\fs2.bmp
- %ProgramFiles%\blct_game_1\guanggao2.bmp
- %ProgramFiles%\blct_game_1\guanggao5.bmp
- %ProgramFiles%\blct_game_1\guanggao7.bmp
- %ProgramFiles%\blct_game_1\guanggao3.bmp
- %ProgramFiles%\blct_game_1\guanggao4.bmp
- %ProgramFiles%\blct_game_1\Btwo_23.bmp
- %ProgramFiles%\blct_game_1\Btwo_24.bmp
- %ProgramFiles%\blct_game_1\Btwo_21.bmp
- %ProgramFiles%\blct_game_1\Btwo_22.bmp
- %ProgramFiles%\blct_game_1\bzqd.bmp
- %ProgramFiles%\blct_game_1\C3.txt
- %ProgramFiles%\blct_game_1\dm.dll
- %ProgramFiles%\blct_game_1\C1.txt
- %ProgramFiles%\blct_game_1\C2.txt
- %ProgramFiles%\blct_game_1\Btwo_2.bmp
- %ProgramFiles%\blct_game_1\Bone_1.bmp
- %ProgramFiles%\blct_game_1\Bone_2.bmp
- %ProgramFiles%\blct_game_1\baidenglu.bmp
- %ProgramFiles%\blct_game_1\baidu2.bmp
- %ProgramFiles%\blct_game_1\Bone_3.bmp
- %ProgramFiles%\blct_game_1\Bone_6.bmp
- %ProgramFiles%\blct_game_1\Bone_7.bmp
- %ProgramFiles%\blct_game_1\Bone_4.bmp
- %ProgramFiles%\blct_game_1\Bone_5.bmp
- %ProgramFiles%\blct_game_1\A1.txt
- %ProgramFiles%\blct_game_1\A2.txt
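- %ProgramFiles%\blct_game_1\10±ѕ7ј¶№Вщ.ini (здесь и далее имена с такими символами — по-видимому, байты китайской кодировки GBK, показанные в кодировке Windows-1251; часть байтов при этом могла потеряться, поэтому при поиске по имени файла на них не стоит опираться дословно)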
- %ProgramFiles%\blct_game_1\A0.txt
- %ProgramFiles%\blct_game_1\A3.txt
- %ProgramFiles%\blct_game_1\A6.txt
- %ProgramFiles%\blct_game_1\A7.txt
- %ProgramFiles%\blct_game_1\A4.txt
- %ProgramFiles%\blct_game_1\A5.txt
- %ProgramFiles%\blct_game_1\Bone_19.bmp
- %ProgramFiles%\blct_game_1\Bone_20.bmp
- %ProgramFiles%\blct_game_1\Bone_17.bmp
- %ProgramFiles%\blct_game_1\Bone_18.bmp
- %ProgramFiles%\blct_game_1\Bone_21.bmp
- %ProgramFiles%\blct_game_1\Bone_24.bmp
- %ProgramFiles%\blct_game_1\Btwo_1.bmp
- %ProgramFiles%\blct_game_1\Bone_22.bmp
- %ProgramFiles%\blct_game_1\Bone_23.bmp
- %ProgramFiles%\blct_game_1\Bone_10.bmp
- %ProgramFiles%\blct_game_1\Bone_11.bmp
- %ProgramFiles%\blct_game_1\Bone_8.bmp
- %ProgramFiles%\blct_game_1\Bone_9.bmp
- %ProgramFiles%\blct_game_1\Bone_12.bmp
- %ProgramFiles%\blct_game_1\Bone_15.bmp
- %ProgramFiles%\blct_game_1\Bone_16.bmp
- %ProgramFiles%\blct_game_1\Bone_13.bmp
- %ProgramFiles%\blct_game_1\Bone_14.bmp
- %ProgramFiles%\blct_game_1\j_4.bmp
- %ProgramFiles%\blct_game_1\j_5.bmp
- %ProgramFiles%\blct_game_1\j_2.bmp
- %ProgramFiles%\blct_game_1\j_3.bmp
- %ProgramFiles%\blct_game_1\j_6.bmp
- %ProgramFiles%\blct_game_1\j_9.bmp
- %ProgramFiles%\blct_game_1\j_10.bmp
- %ProgramFiles%\blct_game_1\j_7.bmp
- %ProgramFiles%\blct_game_1\j_8.bmp
- %ProgramFiles%\blct_game_1\BGJ.bmp
- %ProgramFiles%\blct_game_1\BGJHY.bmp
- %ProgramFiles%\blct_game_1\Anniujuan.bmp
- %ProgramFiles%\blct_game_1\Anniupai.bmp
- %ProgramFiles%\blct_game_1\dklt.bmp
- %ProgramFiles%\blct_game_1\guotu1.bmp
- %ProgramFiles%\blct_game_1\j_1.bmp
- %ProgramFiles%\blct_game_1\gblt.bmp
- %ProgramFiles%\blct_game_1\gshan9.bmp
- %ProgramFiles%\blct_game_1\te2.bmp
- %ProgramFiles%\blct_game_1\te2_2.bmp
- %ProgramFiles%\blct_game_1\te1.bmp
- %ProgramFiles%\blct_game_1\te1_1.bmp
- %ProgramFiles%\blct_game_1\И·¶Ё.bmp
- %ProgramFiles%\blct_game_1\jingong_1.bmp
- %ProgramFiles%\blct_game_1\°ґЕҐЛСЛч»ШУЄ.bmp
- %ProgramFiles%\blct_game_1\ґнОу_1.bmp
- %ProgramFiles%\blct_game_1\ґнОу_2.bmp
- %ProgramFiles%\blct_game_1\j_13.bmp
- %ProgramFiles%\blct_game_1\j_14.bmp
- %ProgramFiles%\blct_game_1\j_11.bmp
- %ProgramFiles%\blct_game_1\j_12.bmp
- %ProgramFiles%\blct_game_1\j_15.bmp
- %ProgramFiles%\blct_game_1\shan9.bmp
- %ProgramFiles%\blct_game_1\shan9_2.bmp
- %ProgramFiles%\blct_game_1\j_16.bmp
- %ProgramFiles%\blct_game_1\shan8.bmp
- %ProgramFiles%\blct_game_1\nvhuang_1.bmp
- %ProgramFiles%\blct_game_1\Zshui.bmp
- %ProgramFiles%\blct_game_1\Zyou.bmp
- %ProgramFiles%\blct_game_1\yxtb.bmp
- %ProgramFiles%\blct_game_1\zhuom.bmp
- %ProgramFiles%\blct_game_1\zzcs.bmp
- %ProgramFiles%\blct_game_1\іЗЗЅ.bmp
- %ProgramFiles%\blct_game_1\·ЁКх№¤і§.bmp
- %ProgramFiles%\blct_game_1\°ґЕҐ·ЕЖъ.bmp
- %ProgramFiles%\blct_game_1\°µєЪСµБ·УЄ.bmp
- %ProgramFiles%\blct_game_1\Mxun.bmp
- %ProgramFiles%\blct_game_1\Notjz.bmp
- %ProgramFiles%\blct_game_1\jbz.bmp
- %ProgramFiles%\blct_game_1\Manhei.bmp
- %ProgramFiles%\blct_game_1\opguanggao.bmp
- %ProgramFiles%\blct_game_1\tong2.bmp
- %ProgramFiles%\blct_game_1\tongdeng.bmp
- %ProgramFiles%\blct_game_1\RegDll.dll
- %ProgramFiles%\blct_game_1\tong1.bmp
- %ProgramFiles%\blct_game_1\СµБ·УЄ.bmp
- %ProgramFiles%\blct_game_1\Т°ВщИЛНх.bmp
- %ProgramFiles%\blct_game_1\Ое±ѕЕдЦГ.ini
- %ProgramFiles%\blct_game_1\СµБ·ѕь¶У.bmp
- %ProgramFiles%\blct_game_1\УНЙэ.bmp
- %ProgramFiles%\blct_game_1\dingwei.bmp
- %ProgramFiles%\blct_game_1\man_1.bmp
- %ProgramFiles%\blct_game_1\УРИЛВр.bmp
- %ProgramFiles%\blct_game_1\A8.txt
- %ProgramFiles%\blct_game_1\ЅрЙэ.bmp
- %ProgramFiles%\blct_game_1\ЅрЧКФґ.bmp
- %ProgramFiles%\blct_game_1\№јэЕ®»К.bmp
- %ProgramFiles%\blct_game_1\ЅбКшХЅ¶·.bmp
- %ProgramFiles%\blct_game_1\Бщ±ѕЕдЦГ.ini
- %ProgramFiles%\blct_game_1\Л®Йэ.bmp
- %ProgramFiles%\blct_game_1\Л®ЧКФґ.bmp
- %ProgramFiles%\blct_game_1\ЖЯ±ѕЕдЦГ.ini
- %ProgramFiles%\blct_game_1\Йэј¶ЦР.bmp
- %ProgramFiles%\blct_game_1\h3.bmp
- %ProgramFiles%\blct_game_1\h4.bmp
- %ProgramFiles%\blct_game_1\h1.bmp
- %ProgramFiles%\blct_game_1\h2.bmp
- %ProgramFiles%\blct_game_1\h5.bmp
- %ProgramFiles%\blct_game_1\man2.bmp
- %ProgramFiles%\blct_game_1\nvhuang1.bmp
- %ProgramFiles%\blct_game_1\h6.bmp
- %ProgramFiles%\blct_game_1\man1.bmp
- <Текущая директория>\plugin\SYSEX.ini
- %ProgramFiles%\blct_game_1\zjin.bmp
- <Текущая директория>\plugin\FILE.ini
- %WINDIR%\Temp\SpeedDLL.dll
- %ProgramFiles%\blct_game_1\f1.bmp
- %ProgramFiles%\blct_game_1\f4.bmp
- %ProgramFiles%\blct_game_1\f5.bmp
- %ProgramFiles%\blct_game_1\f2.bmp
- %ProgramFiles%\blct_game_1\f3.bmp
- %ProgramFiles%\blct_game_1\ЛСЛч¶ФКЦ.bmp
- %ProgramFiles%\blct_game_1\z_8.bmp
- %ProgramFiles%\blct_game_1\jsz.bmp
- %ProgramFiles%\blct_game_1\djs.bmp
- %ProgramFiles%\blct_game_1\z_9.bmp
- %ProgramFiles%\blct_game_1\z_12.bmp
- %ProgramFiles%\blct_game_1\z_13.bmp
- %ProgramFiles%\blct_game_1\z_10.bmp
- %ProgramFiles%\blct_game_1\z_11.bmp
- %ProgramFiles%\blct_game_1\x4.bmp
- %ProgramFiles%\blct_game_1\x5.bmp
- %ProgramFiles%\blct_game_1\nvhuang2.bmp
- %ProgramFiles%\blct_game_1\x3.bmp
- %ProgramFiles%\blct_game_1\x6.bmp
- %ProgramFiles%\blct_game_1\x9.bmp
- %ProgramFiles%\blct_game_1\x10.bmp
- %ProgramFiles%\blct_game_1\x7.bmp
- %ProgramFiles%\blct_game_1\x8.bmp
- %TEMP%\~DFCFA.tmp
- <Текущая директория>\plugin\ENCRYPT.DLL
- %TEMP%\mymacro.zip
- <Текущая директория>\plugin\SYS.DLL
- <Текущая директория>\plugin\TSAJJL.DLL
- %TEMP%\BackGround.bmp
- %APPDATA%\mymacro\qdisp.dll
- %TEMP%\e7c3.tmp
- <Текущая директория>\cfgdll.dll
- <Текущая директория>\ShieldModule.dat
- %TEMP%\mac2.tmp
- %TEMP%\plugin.zip
- %TEMP%\mymacro_errinfo.exe
- %TEMP%\mac1.tmp
- <Текущая директория>\plugin\SYSEX.DLL
- <Текущая директория>\plugin\REGDLL.DLL
- <Текущая директория>\plugin\FILE.DLL
- <Текущая директория>\plugin\MSG.DLL
- <Текущая директория>\plugin\WINDOW.DLL
- <Текущая директория>\radiobox_checked.ico
- <Текущая директория>\radiobox_unchecked.ico
- <Текущая директория>\checkbox_disabled_checked.ico
- <Текущая директория>\checkbox_disabled_unchecked.ico
- <Текущая директория>\radiobox_disabled_checked.ico
- <Текущая директория>\browsebox_dir.ico
- <Текущая директория>\timer_icon.ico
- <Текущая директория>\radiobox_disabled_unchecked.ico
- <Текущая директория>\browsebox_file.ico
- %APPDATA%\qmacro\shield\SD001.dat
- %APPDATA%\qmacro\shield\SD002.dat
- <Текущая директория>\<Имя вируса>.ini
- %APPDATA%\qmacro\shield\SD000.dat
- %APPDATA%\qmacro\shield\SD003.dat
- <Текущая директория>\checkbox_checked.ico
- <Текущая директория>\checkbox_unchecked.ico
- %APPDATA%\qmacro\shield\SD004.dat
- %APPDATA%\qmacro\shield\Shield.ini
- %ProgramFiles%\blct_game_1\z_5.bmp
- %ProgramFiles%\blct_game_1\z_6.bmp
- %ProgramFiles%\blct_game_1\z_3.bmp
- %ProgramFiles%\blct_game_1\z_4.bmp
- %ProgramFiles%\blct_game_1\z_7.bmp
- %ProgramFiles%\blct_game_1\ben7.bmp
- %ProgramFiles%\blct_game_1\ben8.bmp
- %ProgramFiles%\blct_game_1\ben5.bmp
- %ProgramFiles%\blct_game_1\ben6.bmp
- %ProgramFiles%\blct_game_1\z_53.bmp
- %ProgramFiles%\blct_game_1\z_54.bmp
- %ProgramFiles%\blct_game_1\z_51.bmp
- %ProgramFiles%\blct_game_1\z_52.bmp
- %ProgramFiles%\blct_game_1\z_55.bmp
- %ProgramFiles%\blct_game_1\z_1.bmp
- %ProgramFiles%\blct_game_1\z_2.bmp
- %ProgramFiles%\blct_game_1\z_56.bmp
- %ProgramFiles%\blct_game_1\z_57.bmp
- %ProgramFiles%\blct_game_1\ybz.bmp
- %ProgramFiles%\blct_game_1\8±ѕ4ј¶№Вщ.ini
- %ProgramFiles%\blct_game_1\ben18.bmp
- %ProgramFiles%\blct_game_1\sbz.bmp
- %ProgramFiles%\blct_game_1\8±ѕ5ј¶№Вщ.ini
- %ProgramFiles%\blct_game_1\9±ѕ10±ѕґтєЪ.ini
- %ProgramFiles%\blct_game_1\10±ѕ6ј¶№Вщ.ini
- %ProgramFiles%\blct_game_1\9±ѕ5ј¶№Вщ.ini
- %ProgramFiles%\blct_game_1\9±ѕ6ј¶№Вщ.ini
- %ProgramFiles%\blct_game_1\ben11.bmp
- %ProgramFiles%\blct_game_1\ben12.bmp
- %ProgramFiles%\blct_game_1\ben9.bmp
- %ProgramFiles%\blct_game_1\ben10.bmp
- %ProgramFiles%\blct_game_1\ben13.bmp
- %ProgramFiles%\blct_game_1\ben16.bmp
- %ProgramFiles%\blct_game_1\ben17.bmp
- %ProgramFiles%\blct_game_1\ben14.bmp
- %ProgramFiles%\blct_game_1\ben15.bmp
- %ProgramFiles%\blct_game_1\z_50.bmp
- %ProgramFiles%\blct_game_1\z_25.bmp
- %ProgramFiles%\blct_game_1\z_26.bmp
- %ProgramFiles%\blct_game_1\z_23.bmp
- %ProgramFiles%\blct_game_1\z_24.bmp
- %ProgramFiles%\blct_game_1\z_27.bmp
- %ProgramFiles%\blct_game_1\z_30.bmp
- %ProgramFiles%\blct_game_1\z_31.bmp
- %ProgramFiles%\blct_game_1\z_28.bmp
- %ProgramFiles%\blct_game_1\z_29.bmp
- %ProgramFiles%\blct_game_1\z_16.bmp
- %ProgramFiles%\blct_game_1\z_17.bmp
- %ProgramFiles%\blct_game_1\z_14.bmp
- %ProgramFiles%\blct_game_1\z_15.bmp
- %ProgramFiles%\blct_game_1\z_18.bmp
- %ProgramFiles%\blct_game_1\z_21.bmp
- %ProgramFiles%\blct_game_1\z_22.bmp
- %ProgramFiles%\blct_game_1\z_19.bmp
- %ProgramFiles%\blct_game_1\z_20.bmp
- %ProgramFiles%\blct_game_1\z_43.bmp
- %ProgramFiles%\blct_game_1\z_44.bmp
- %ProgramFiles%\blct_game_1\z_41.bmp
- %ProgramFiles%\blct_game_1\z_42.bmp
- %ProgramFiles%\blct_game_1\z_45.bmp
- %ProgramFiles%\blct_game_1\z_48.bmp
- %ProgramFiles%\blct_game_1\z_49.bmp
- %ProgramFiles%\blct_game_1\z_46.bmp
- %ProgramFiles%\blct_game_1\z_47.bmp
- %ProgramFiles%\blct_game_1\z_34.bmp
- %ProgramFiles%\blct_game_1\z_35.bmp
- %ProgramFiles%\blct_game_1\z_32.bmp
- %ProgramFiles%\blct_game_1\z_33.bmp
- %ProgramFiles%\blct_game_1\z_36.bmp
- %ProgramFiles%\blct_game_1\z_39.bmp
- %ProgramFiles%\blct_game_1\z_40.bmp
- %ProgramFiles%\blct_game_1\z_37.bmp
- %ProgramFiles%\blct_game_1\z_38.bmp
- <Текущая директория>\radiobox_disabled_checked.ico
- <Текущая директория>\radiobox_unchecked.ico
- <Текущая директория>\radiobox_checked.ico
- <Текущая директория>\radiobox_disabled_unchecked.ico
- <Текущая директория>\timer_icon.ico
- <Текущая директория>\browsebox_dir.ico
- <Текущая директория>\browsebox_file.ico
- <Текущая директория>\ShieldModule.dat
- %TEMP%\mymacro.zip
- %TEMP%\plugin.zip
- <Текущая директория>\checkbox_checked.ico
- <Текущая директория>\checkbox_disabled_unchecked.ico
- <Текущая директория>\checkbox_disabled_checked.ico
- <Текущая директория>\checkbox_unchecked.ico
- из %TEMP%\BackGround.bmp в %TEMP%\b64background.bmp
- 'c.###huoa.com':80
- http://c.###huoa.com/c2/MymacroidSalesUrl.aspx?my#######################
- http://c.###huoa.com/banner/Q10624.htm
- DNS-запрос (DNS ASK): c.###huoa.com
- ClassName: 'Shell_TrayWnd' WindowName: ''