Technical Information
- Handler for all processes: %TEMP%\dqzu.dll
- %TEMP%\temp01.dll
- %TEMP%\dqzu.dll
- %TEMP%\background.bmp
- %TEMP%\mymacro.zip
- %TEMP%\dbf.tmp
- %TEMP%\daf.tmp
- %TEMP%\dae.tmp
- %WINDIR%\tdqz.dll
- <Current directory>\plugin\window.dll
- <Current directory>\plugin\web.dll
- <Current directory>\plugin\sys.dll
- <Current directory>\plugin\pic.dll
- %TEMP%\2
- <Current directory>\plugin\office.dll
- <Current directory>\plugin\msg.dll
- <Current directory>\plugin\memory.dll
- <Current directory>\plugin\media.dll
- <Current directory>\plugin\getsysinfo.dll
- <Current directory>\plugin\file.dll
- <Current directory>\plugin\encrypt.dll
- <Current directory>\plugin\console.dll
- <Current directory>\plugin\color.dll
- <Current directory>\plugin\bkgndcolor.dll
- <Current directory>\plugin\bkgnd.dll
- %TEMP%\temp02.dll
- <Current directory>\plugin\net.dll
- %TEMP%\3
- %TEMP%\temp01.dll
- %TEMP%\mymacro.zip
- %TEMP%\temp02.dll
- %TEMP%\2
- %TEMP%\3
- %TEMP%\daf.tmp
- %TEMP%\dbf.tmp
- from %TEMP%\background.bmp to %TEMP%\6b8background.bmp
- DNS ASK c.##rj.cn