Technical Information
- Handler for all processes: <Current directory>\cfgdll.dll
- %TEMP%\mymacro_errinfo.exe
- %ProgramFiles%\rm\gong.bmp
- %ProgramFiles%\rm\suibian2.bmp
- %ProgramFiles%\rm\suiyi2.bmp
- %ProgramFiles%\rm\blpic.bmp
- %ProgramFiles%\rm\bs9coc2.bmp
- %ProgramFiles%\rm\blpic2.bmp
- %ProgramFiles%\rm\huiying2.bmp
- %ProgramFiles%\rm\adwcocpic.bmp
- %ProgramFiles%\rm\fa2.bmp
- %ProgramFiles%\rm\fs2.bmp
- %ProgramFiles%\rm\ju2.bmp
- %ProgramFiles%\rm\pang2.bmp
- %ProgramFiles%\rm\kbys.bmp
- %ProgramFiles%\rm\clearsystem.bat
- %ProgramFiles%\rm\sb.bmp
- %ProgramFiles%\rm\bfb.bmp
- %ProgramFiles%\rm\qqzy_fs2.bmp
- %ProgramFiles%\rm\no_nm.bmp
- %ProgramFiles%\rm\blyb.bmp
- %ProgramFiles%\rm\go_home2.bmp
- %ProgramFiles%\rm\zy3.bmp
- %ProgramFiles%\rm\zy4.bmp
- %ProgramFiles%\rm\bingying2.txt
- %ProgramFiles%\rm\bxjqd.bmp
- %ProgramFiles%\rm\my_ziyuan.txt
- %ProgramFiles%\rm\new_data.txt
- %ProgramFiles%\rm\ssk4-1.bmp
- %ProgramFiles%\rm\qx.jpg
- %ProgramFiles%\rm\ssk4-2.bmp
- %ProgramFiles%\rm\ssk4-0-1.bmp
- %ProgramFiles%\rm\cx2.bmp
- %ProgramFiles%\rm\mm2.bmp
- %ProgramFiles%\rm\mm.bmp
- %ProgramFiles%\rm\gong1.bmp
- %ProgramFiles%\rm\xyzybd.bmp
- %ProgramFiles%\rm\ps.txt
- %ProgramFiles%\rm\pang.bmp
- %ProgramFiles%\rm\ju.bmp
- %ProgramFiles%\rm\fs.bmp
- %ProgramFiles%\rm\fa.bmp
- %ProgramFiles%\rm\otherphone.bmp
- %ProgramFiles%\rm\thndffzr.mp3
- %ProgramFiles%\rm\shuoming.txt
- %ProgramFiles%\rm\good_view.bmp
- %ProgramFiles%\rm\3gn.txt
- %ProgramFiles%\rm\regdll.dll
- %ProgramFiles%\rm\cantcb.bmp
- %ProgramFiles%\rm\jcgamepic2.bmp
- %ProgramFiles%\rm\th.bmp
- %ProgramFiles%\rm\bs9allapp.bmp
- %ProgramFiles%\rm\bs9coc.bmp
- %ProgramFiles%\rm\1gn.txt
- %ProgramFiles%\rm\2gn.txt
- %ProgramFiles%\rm\fsgc2.bmp
- %ProgramFiles%\rm\all_jundui2.bmp
- %ProgramFiles%\rm\pczy2.bmp
- %ProgramFiles%\rm\zzz.bmp
- %ProgramFiles%\rm\qcs2.bmp
- %ProgramFiles%\rm\suibian.bmp
- %ProgramFiles%\rm\xinxi.bmp
- %ProgramFiles%\rm\gn2_10.bmp
- C:\rm\dm.dll
- %ProgramFiles%\rm\gn2_3.bmp
- %ProgramFiles%\rm\gn2_15.bmp
- %ProgramFiles%\rm\gn1_13.bmp
- %ProgramFiles%\rm\gn1_14.bmp
- %ProgramFiles%\rm\star.txt
- %ProgramFiles%\rm\ben10.txt
- %ProgramFiles%\rm\ben6.txt
- %ProgramFiles%\rm\ben7.txt
- %ProgramFiles%\rm\ben8.txt
- %ProgramFiles%\rm\ben_ext.txt
- %ProgramFiles%\rm\hj3_6.txt
- %ProgramFiles%\rm\hj1_2.txt
- %ProgramFiles%\rm\fasu.txt
- %ProgramFiles%\rm\gn2_2.bmp
- %ProgramFiles%\rm\cjq11.txt
- %ProgramFiles%\rm\cjq6.txt
- %ProgramFiles%\rm\cjq8.txt
- %ProgramFiles%\rm\cjq7.txt
- %ProgramFiles%\rm\cjq12.txt
- %ProgramFiles%\rm\cjq10.txt
- %ProgramFiles%\rm\waterhome.txt
- %ProgramFiles%\rm\waterhome2.txt
- %ProgramFiles%\rm\waterhome_js.txt
- %ProgramFiles%\rm\wenzi.txt
- %ProgramFiles%\rm\waterhome2_js.txt
- %ProgramFiles%\rm\ben9.txt
- %ProgramFiles%\rm\home.bmp
- %ProgramFiles%\rm\gn2_14.bmp
- %ProgramFiles%\rm\gn1_12.bmp
- %ProgramFiles%\rm\gn2_13.bmp
- %ProgramFiles%\rm\gn1_11.bmp
- %ProgramFiles%\rm\gn1_10.bmp
- %ProgramFiles%\rm\gn2_5.bmp
- %ProgramFiles%\rm\gn2_6.bmp
- %ProgramFiles%\rm\gn2_7.bmp
- %ProgramFiles%\rm\gn2_8.bmp
- %ProgramFiles%\rm\gn2_9.bmp
- %ProgramFiles%\rm\gn2_11.bmp
- %ProgramFiles%\rm\gn1_2.bmp
- %ProgramFiles%\rm\gn1_1.bmp
- %ProgramFiles%\rm\gn1_3.bmp
- %ProgramFiles%\rm\gn1_4.bmp
- %ProgramFiles%\rm\gn1_6.bmp
- %ProgramFiles%\rm\gn1_5.bmp
- %ProgramFiles%\rm\gn2_1.bmp
- %ProgramFiles%\rm\suiyi.bmp
- %ProgramFiles%\rm\gn1_7.bmp
- %ProgramFiles%\rm\gn_001.bmp
- %ProgramFiles%\rm\gn_002.bmp
- %ProgramFiles%\rm\gn_003.bmp
- %ProgramFiles%\rm\gn1_001.bmp
- %ProgramFiles%\rm\gn1_002.bmp
- %ProgramFiles%\rm\gn1_003.bmp
- %ProgramFiles%\rm\gn1_004.bmp
- %ProgramFiles%\rm\gn1_005.bmp
- %ProgramFiles%\rm\gn1_006.bmp
- %ProgramFiles%\rm\gn1_007.bmp
- %ProgramFiles%\rm\gn_004.bmp
- %ProgramFiles%\rm\gn2_12.bmp
- %ProgramFiles%\rm\gn2_4.bmp
- %ProgramFiles%\rm\gn1_8.bmp
- %ProgramFiles%\rm\cjq9.txt
- %ProgramFiles%\rm\mm0.bmp
- %ProgramFiles%\rm\h_02.bmp
- %ProgramFiles%\rm\bl_out.bmp
- %ProgramFiles%\rm\block.bmp
- %ProgramFiles%\rm\blueline.bmp
- %ProgramFiles%\rm\bm.bmp
- %ProgramFiles%\rm\bs_begin.bmp
- %ProgramFiles%\rm\bs_coc_logo.bmp
- %ProgramFiles%\rm\bs_new.bmp
- %ProgramFiles%\rm\bsallapp.bmp
- %ProgramFiles%\rm\bsallappspic.bmp
- %ProgramFiles%\rm\bscoclogo.bmp
- %ProgramFiles%\rm\byhz0.bmp
- %ProgramFiles%\rm\byhz1.bmp
- %TEMP%\eec2fed.tmp
- %ProgramFiles%\rm\caidan.bmp
- %ProgramFiles%\rm\chuizi.bmp
- %ProgramFiles%\rm\cx.bmp
- %ProgramFiles%\rm\fdj.bmp
- %ProgramFiles%\rm\fsgc.bmp
- %ProgramFiles%\rm\gamepic.bmp
- %ProgramFiles%\rm\gjnh.bmp
- %ProgramFiles%\rm\go_home.bmp
- %ProgramFiles%\rm\gongjian.bmp
- %ProgramFiles%\rm\heise.bmp
- %ProgramFiles%\rm\huiying.bmp
- %ProgramFiles%\rm\huzi.bmp
- %ProgramFiles%\rm\jcgamepic.bmp
- <Current directory>\radiobox_disabled_checked.ico
- <Current directory>\radiobox_disabled_unchecked.ico
- <Current directory>\radiobox_unchecked.ico
- <Current directory>\radiobox_checked.ico
- <Current directory>\browsebox_dir.ico
- %TEMP%\mac2a30.tmp
- %TEMP%\plugin.zip
- <Current directory>\plugin\msg.dll
- <Current directory>\plugin\regdll.dll
- <Current directory>\plugin\file.dll
- <Current directory>\plugin\media.dll
- <Current directory>\plugin\sys.dll
- <Current directory>\plugin\pic.dll
- %TEMP%\mymacro.zip
- %TEMP%\background.bmp
- <Current directory>\cfgdll.dll
- <Current directory>\shieldmodule.dat
- %ProgramFiles%\rm\jiaru.bmp
- %ProgramFiles%\rm\cbyb.bmp
- %APPDATA%\mymacro\qdisp.dll
- %APPDATA%\qmacro\shield\sd000.dat
- %APPDATA%\qmacro\shield\sd001.dat
- %APPDATA%\qmacro\shield\sd002.dat
- %APPDATA%\qmacro\shield\sd003.dat
- %APPDATA%\qmacro\shield\sd004.dat
- %APPDATA%\qmacro\shield\shield.ini
- <Current directory>\timer_icon.ico
- <Current directory>\checkbox_checked.ico
- <Current directory>\checkbox_unchecked.ico
- <Current directory>\checkbox_disabled_checked.ico
- <Current directory>\checkbox_disabled_unchecked.ico
- <Current directory>\browsebox_file.ico
- %TEMP%\mac2a2f.tmp
- <PATH_SAMPLE>.ini
- %ProgramFiles%\rm\xljd.bmp
- %ProgramFiles%\rm\jinkuang9_11.txt
- %ProgramFiles%\rm\kj.bmp
- %ProgramFiles%\rm\fst7.txt
- %ProgramFiles%\rm\fst7_sd.txt
- %ProgramFiles%\rm\fst8.txt
- %ProgramFiles%\rm\fst8_sd.txt
- %ProgramFiles%\rm\heiyou.txt
- %ProgramFiles%\rm\ku.txt
- %ProgramFiles%\rm\redline.txt
- %ProgramFiles%\rm\w9.txt
- %ProgramFiles%\rm\w10.txt
- %ProgramFiles%\rm\war_peo.txt
- %ProgramFiles%\rm\warinfo.txt
- %ProgramFiles%\rm\shandian.bmp
- %ProgramFiles%\rm\juren.bmp
- %ProgramFiles%\rm\h_01.bmp
- %ProgramFiles%\rm\h_03.bmp
- %ProgramFiles%\rm\h_04.bmp
- %ProgramFiles%\rm\h_05.bmp
- %ProgramFiles%\rm\h_06.bmp
- %ProgramFiles%\rm\h_07.bmp
- %ProgramFiles%\rm\h_08.bmp
- %ProgramFiles%\rm\h_09.bmp
- %ProgramFiles%\rm\h_10.bmp
- %ProgramFiles%\rm\h_11.bmp
- %ProgramFiles%\rm\pzfs.bmp
- %ProgramFiles%\rm\all_jundui.bmp
- %ProgramFiles%\rm\dm.dll
- %ProgramFiles%\rm\fst6.txt
- %ProgramFiles%\rm\fst6_sd.txt
- %ProgramFiles%\rm\dyt.txt
- %ProgramFiles%\rm\xlycb0.ini
- %ProgramFiles%\rm\dccg.vbs
- %ProgramFiles%\rm\kpzscoc.bmp
- %ProgramFiles%\rm\ljyx.bmp
- %ProgramFiles%\rm\no_active.bmp
- %ProgramFiles%\rm\oldjc.bmp
- %ProgramFiles%\rm\otherline.bmp
- %ProgramFiles%\rm\outbl.bmp
- %ProgramFiles%\rm\pczy.bmp
- %ProgramFiles%\rm\qcs.bmp
- %ProgramFiles%\rm\qqzy_fs.bmp
- %ProgramFiles%\rm\show.bmp
- %ProgramFiles%\rm\sj.bmp
- %ProgramFiles%\rm\w_xue.bmp
- %ProgramFiles%\rm\king_home.bmp
- %ProgramFiles%\rm\jinkuang12.txt
- %ProgramFiles%\rm\xiaoemo.bmp
- %ProgramFiles%\rm\ysqbhdqd.bmp
- %ProgramFiles%\rm\zfs.bmp
- %ProgramFiles%\rm\zgbl.bmp
- %ProgramFiles%\rm\zgjs.bmp
- %ProgramFiles%\rm\zjr.bmp
- %ProgramFiles%\rm\zwl.bmp
- %ProgramFiles%\rm\zym.bmp
- %ProgramFiles%\rm\zyz.bmp
- %ProgramFiles%\rm\zzd.bmp
- %ProgramFiles%\rm\zzm.bmp
- %ProgramFiles%\rm\ê¥ë®11¼¶2.bmp
- %ProgramFiles%\rm\ê¥ë®11¼¶3.bmp
- %ProgramFiles%\rm\kpjm.bmp
- %ProgramFiles%\rm\ymrzw.bmp
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020021720200218\index.dat
- %TEMP%\plugin.zip
- %TEMP%\mymacro.zip
- <Current directory>\shieldmodule.dat
- <Current directory>\timer_icon.ico
- <Current directory>\checkbox_checked.ico
- <Current directory>\checkbox_unchecked.ico
- <Current directory>\checkbox_disabled_checked.ico
- <Current directory>\checkbox_disabled_unchecked.ico
- <Current directory>\browsebox_file.ico
- <Current directory>\browsebox_dir.ico
- <Current directory>\radiobox_checked.ico
- <Current directory>\radiobox_unchecked.ico
- <Current directory>\radiobox_disabled_checked.ico
- <Current directory>\radiobox_disabled_unchecked.ico
- from %TEMP%\background.bmp to %TEMP%\6ecbackground.bmp
- http://c.###huoa.com/c2/MymacroidSalesUrl.aspx?my######################
- http://c.###huoa.com/banner/Q11757.htm
- DNS ASK c.###huoa.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''