Technical Information
- Handler for all processes: <Current directory>\cfgdll.dll
- %ProgramFiles%\JFoo\s10j2.bmp
- %ProgramFiles%\JFoo\s11j1.bmp
- %ProgramFiles%\JFoo\s8j1.bmp
- %ProgramFiles%\JFoo\s10j1.bmp
- %ProgramFiles%\JFoo\s11j4.bmp
- %ProgramFiles%\JFoo\sjq1.bmp
- %ProgramFiles%\JFoo\s11j2.bmp
- %ProgramFiles%\JFoo\s11j3.bmp
- %ProgramFiles%\JFoo\s.bmp
- %ProgramFiles%\JFoo\yk5.bmp
- %ProgramFiles%\JFoo\sya3.bmp
- %ProgramFiles%\JFoo\yk3.bmp
- %ProgramFiles%\JFoo\yk4.bmp
- %ProgramFiles%\JFoo\syb3.bmp
- %ProgramFiles%\JFoo\syb4.bmp
- %ProgramFiles%\JFoo\syb1.bmp
- %ProgramFiles%\JFoo\syb2.bmp
- %ProgramFiles%\JFoo\К¤Аы.bmp
- %ProgramFiles%\JFoo\°ґЕҐ»¤¶ЬИ·¶Ё.bmp
- %ProgramFiles%\JFoo\ПВТ»ёц.bmp
- %ProgramFiles%\JFoo\Нј±кХЅєуєЪУН.bmp
- %ProgramFiles%\JFoo\jgj.bmp
- %ProgramFiles%\JFoo\Нј±кіЗ±¤ТСВъ.bmp
- %ProgramFiles%\JFoo\ЅбКшИ·¶Ё.bmp
- %ProgramFiles%\JFoo\№¤ИЛєЬГ¦.bmp
- %ProgramFiles%\JFoo\°ґЕҐЅш№Ґ.bmp
- %ProgramFiles%\JFoo\sya2.bmp
- %ProgramFiles%\JFoo\nhjn.bmp
- %ProgramFiles%\JFoo\sjq2.bmp
- %ProgramFiles%\JFoo\sya1.bmp
- %ProgramFiles%\JFoo\ЅбКшХЅ¶·.bmp
- %ProgramFiles%\JFoo\°ґЕҐЛСЛч»ШУЄ.bmp
- %ProgramFiles%\JFoo\rwjn.bmp
- %ProgramFiles%\JFoo\°ґЕҐ·ЕЖъ.bmp
- %ProgramFiles%\JFoo\yk2.bmp
- %ProgramFiles%\JFoo\j.bmp
- %ProgramFiles%\JFoo\j8.bmp
- %ProgramFiles%\JFoo\ben9.bmp
- %ProgramFiles%\JFoo\ben10.bmp
- %ProgramFiles%\JFoo\j10.bmp
- %ProgramFiles%\JFoo\j11.bmp
- %ProgramFiles%\JFoo\j9.2.bmp
- %ProgramFiles%\JFoo\j9.bmp
- %ProgramFiles%\JFoo\ben8.bmp
- %ProgramFiles%\JFoo\ln2.bmp
- %ProgramFiles%\JFoo\ln3.bmp
- %ProgramFiles%\JFoo\fs8.bmp
- %ProgramFiles%\JFoo\ln1.bmp
- %ProgramFiles%\JFoo\ben6.bmp
- %ProgramFiles%\JFoo\ben7.bmp
- %ProgramFiles%\JFoo\yk6.bmp
- %ProgramFiles%\JFoo\yk7.bmp
- %ProgramFiles%\JFoo\sk11.bmp
- %ProgramFiles%\JFoo\ss8.bmp
- %ProgramFiles%\JFoo\sk10.bmp
- %ProgramFiles%\JFoo\sk11.1.bmp
- %ProgramFiles%\JFoo\ss11.bmp
- %ProgramFiles%\JFoo\yk1.bmp
- %ProgramFiles%\JFoo\ss9.bmp
- %ProgramFiles%\JFoo\ss10.bmp
- %ProgramFiles%\JFoo\sk.bmp
- %ProgramFiles%\JFoo\jk11.bmp
- %ProgramFiles%\JFoo\s8.bmp
- %ProgramFiles%\JFoo\j12sd.bmp
- %ProgramFiles%\JFoo\jk10.bmp
- %ProgramFiles%\JFoo\s11.bmp
- %ProgramFiles%\JFoo\s12sd.bmp
- %ProgramFiles%\JFoo\s9.bmp
- %ProgramFiles%\JFoo\s10.bmp
- %ProgramFiles%\JFoo\Нј±к·ўЛН.bmp
- %ProgramFiles%\JFoo\·ЁКх№¤і§.bmp
- %ProgramFiles%\JFoo\ѕи±ш°ґЕҐ.bmp
- %ProgramFiles%\JFoo\Нј±кЗлЗуЦ§Ф®.bmp
- %ProgramFiles%\JFoo\Нј±кІїВдіЗ±¤.bmp
- %ProgramFiles%\JFoo\ЛСЛч¶ФКЦ.bmp
- %ProgramFiles%\JFoo\jsz.bmp
- %ProgramFiles%\JFoo\Нј±кЗлЗуЦ§Ф®2.bmp
- %ProgramFiles%\JFoo\djs2.bmp
- %ProgramFiles%\JFoo\°ґЕҐСЎФсХыРР.bmp
- %ProgramFiles%\JFoo\j_15.bmp
- %ProgramFiles%\JFoo\°ґЕҐ№Ш±ХБДМм.bmp
- %ProgramFiles%\JFoo\j_13.bmp
- %ProgramFiles%\JFoo\j_14.bmp
- %ProgramFiles%\JFoo\Нј±кСµБ·УЄ2.bmp
- %ProgramFiles%\JFoo\єЪЛ®Йэј¶.bmp
- %ProgramFiles%\JFoo\Лх·Е±кЦѕ.bmp
- %ProgramFiles%\JFoo\Нј±кСµБ·УЄ.bmp
- %ProgramFiles%\JFoo\two.bmp
- %ProgramFiles%\JFoo\A13.txt
- %ProgramFiles%\JFoo\ssds.bmp
- %ProgramFiles%\JFoo\one.bmp
- %ProgramFiles%\JFoo\ЅЕ±ѕЕдЦГ.ini
- %ProgramFiles%\JFoo\A5.txt
- %ProgramFiles%\JFoo\kb_ys.bmp
- %ProgramFiles%\JFoo\zl_ys.bmp
- %ProgramFiles%\JFoo\ЛСЛч¶ФКЦ3.bmp
- %ProgramFiles%\JFoo\ЛСЛч¶ФКЦ2.bmp
- %ProgramFiles%\JFoo\НЈЦ№И·¶Ё.bmp
- %ProgramFiles%\JFoo\BYAA1.bmp
- %ProgramFiles%\JFoo\°ґЕҐ»ШУЄ1.bmp
- %ProgramFiles%\JFoo\ЅбКшХЅ¶·2.bmp
- %ProgramFiles%\JFoo\°ґЕҐ·ЕЖъ2.bmp
- %ProgramFiles%\JFoo\°ґЕҐ·ЕЖъ1.bmp
- %ProgramFiles%\JFoo\Нј±к±¦КЇІ»№»2.bmp
- %ProgramFiles%\JFoo\j_12.bmp
- %ProgramFiles%\JFoo\BYAA.bmp
- %ProgramFiles%\JFoo\WZB.bmp
- %ProgramFiles%\JFoo\І»ФЩМбКѕ.bmp
- %ProgramFiles%\JFoo\ЙФєу.bmp
- %ProgramFiles%\JFoo\°ґЕҐІЛµҐ2.bmp
- %ProgramFiles%\JFoo\°ґЕҐПФКѕЧАГж2.bmp
- %ProgramFiles%\JFoo\Нј±кіЗ±¤ТСВъ2.bmp
- %ProgramFiles%\JFoo\Нј±кРиТЄ±¦КЇ2.bmp
- %ProgramFiles%\JFoo\BGJHY.bmp
- %ProgramFiles%\JFoo\A10.txt
- %ProgramFiles%\JFoo\A12.txt
- %ProgramFiles%\JFoo\Нј±кРиТЄ±¦КЇ.bmp
- %ProgramFiles%\JFoo\ИЎПыЙэј¶.bmp
- %ProgramFiles%\JFoo\°ґЕҐґУБР±нЦРЙѕіэ.bmp
- %ProgramFiles%\JFoo\BGJ.bmp
- %ProgramFiles%\JFoo\A2.txt
- %ProgramFiles%\JFoo\ssyy.bmp
- %ProgramFiles%\JFoo\j_6.bmp
- %ProgramFiles%\JFoo\j_7.bmp
- %ProgramFiles%\JFoo\j_4.bmp
- %ProgramFiles%\JFoo\j_5.bmp
- %ProgramFiles%\JFoo\j_10.bmp
- %ProgramFiles%\JFoo\j_11.bmp
- %ProgramFiles%\JFoo\j_8.bmp
- %ProgramFiles%\JFoo\j_9.bmp
- %ProgramFiles%\JFoo\j_3.bmp
- %ProgramFiles%\JFoo\456.bmp
- %ProgramFiles%\JFoo\789.bmp
- %ProgramFiles%\JFoo\A0.txt
- %ProgramFiles%\JFoo\123.bmp
- %ProgramFiles%\JFoo\j_1.bmp
- %ProgramFiles%\JFoo\j_2.bmp
- %ProgramFiles%\JFoo\wgr.bmp
- %ProgramFiles%\JFoo\A7.txt
- %ProgramFiles%\JFoo\°ґЕҐІЛµҐ.bmp
- %ProgramFiles%\JFoo\°ґЕҐґтїЄБДМм.bmp
- %ProgramFiles%\JFoo\A8.txt
- %ProgramFiles%\JFoo\A9.txt
- %ProgramFiles%\JFoo\°ґЕҐЦШРВФШИл.bmp
- %ProgramFiles%\JFoo\№эНјLOGO.bmp
- %ProgramFiles%\JFoo\°ґЕҐПВ№ХЅЗ.bmp
- %ProgramFiles%\JFoo\°ґЕҐПФКѕЧАГж.bmp
- %ProgramFiles%\JFoo\A6.txt
- %ProgramFiles%\JFoo\dm.dll
- %ProgramFiles%\JFoo\RegDll.dll
- %ProgramFiles%\JFoo\zdy.txt
- <Current directory>\plugin\SYS.ini
- %ProgramFiles%\JFoo\A3.txt
- %ProgramFiles%\JFoo\A4.txt
- %ProgramFiles%\JFoo\recvfile.wav
- %ProgramFiles%\JFoo\A1.txt
- %ProgramFiles%\JFoo\ymrw2.bmp
- %ProgramFiles%\JFoo\ax1.bmp
- %ProgramFiles%\JFoo\x10.bmp
- %ProgramFiles%\JFoo\ymrw1.bmp
- %ProgramFiles%\JFoo\ax4.bmp
- %ProgramFiles%\JFoo\ax5.bmp
- %ProgramFiles%\JFoo\ax2.bmp
- %ProgramFiles%\JFoo\ax3.bmp
- %ProgramFiles%\JFoo\x9.bmp
- %ProgramFiles%\JFoo\Нј±кНП·ЕЙѕіэ.bmp
- %ProgramFiles%\JFoo\fsu4.bmp
- %ProgramFiles%\JFoo\МШ1.bmp
- %ProgramFiles%\JFoo\МШ2.bmp
- %ProgramFiles%\JFoo\gjnh2.bmp
- %ProgramFiles%\JFoo\x8.bmp
- %ProgramFiles%\JFoo\fsu5.bmp
- %ProgramFiles%\JFoo\gjnh1.bmp
- <Current directory>\plugin\FILE.ini
- %TEMP%\BackGround.bmp
- <Current directory>\cfgdll.dll
- <Current directory>\plugin\SYS.DLL
- %TEMP%\mymacro.zip
- %TEMP%\1a03.tmp
- <Current directory>\<File name>.ini
- <Current directory>\ShieldModule.dat
- %APPDATA%\mymacro\qdisp.dll
- <Current directory>\plugin\FILE.DLL
- %TEMP%\mac2.tmp
- %TEMP%\plugin.zip
- %TEMP%\mymacro_errinfo.exe
- %TEMP%\mac1.tmp
- <Current directory>\plugin\BGCP2_02.DLL
- <Current directory>\plugin\REGDLL.DLL
- <Current directory>\plugin\MSG.DLL
- <Current directory>\plugin\WINDOW.DLL
- <Current directory>\radiobox_unchecked.ico
- <Current directory>\radiobox_disabled_checked.ico
- <Current directory>\checkbox_disabled_unchecked.ico
- <Current directory>\radiobox_checked.ico
- <Current directory>\browsebox_dir.ico
- %TEMP%\~DFDB3F.tmp
- <Current directory>\radiobox_disabled_unchecked.ico
- <Current directory>\browsebox_file.ico
- <Current directory>\checkbox_disabled_checked.ico
- %APPDATA%\qmacro\shield\SD002.dat
- %APPDATA%\qmacro\shield\SD003.dat
- %APPDATA%\qmacro\shield\SD000.dat
- %APPDATA%\qmacro\shield\SD001.dat
- <Current directory>\checkbox_checked.ico
- <Current directory>\checkbox_unchecked.ico
- %APPDATA%\qmacro\shield\SD004.dat
- %APPDATA%\qmacro\shield\Shield.ini
- %ProgramFiles%\JFoo\ax6.bmp
- %ProgramFiles%\JFoo\sdys.bmp
- %ProgramFiles%\JFoo\6q1.bmp
- %ProgramFiles%\JFoo\12.bmp
- %ProgramFiles%\JFoo\13.bmp
- %ProgramFiles%\JFoo\9q1.bmp
- %ProgramFiles%\JFoo\10q1.bmp
- %ProgramFiles%\JFoo\7q1.bmp
- %ProgramFiles%\JFoo\8q1.bmp
- %ProgramFiles%\JFoo\11.bmp
- %ProgramFiles%\JFoo\5.bmp
- %ProgramFiles%\JFoo\6.bmp
- %ProgramFiles%\JFoo\3.bmp
- %ProgramFiles%\JFoo\4.bmp
- %ProgramFiles%\JFoo\9.bmp
- %ProgramFiles%\JFoo\10.bmp
- %ProgramFiles%\JFoo\7.bmp
- %ProgramFiles%\JFoo\8.bmp
- %ProgramFiles%\JFoo\bt2a.bmp
- %ProgramFiles%\JFoo\bt2b.bmp
- %ProgramFiles%\JFoo\bt1a.bmp
- %ProgramFiles%\JFoo\bt1b.bmp
- %ProgramFiles%\JFoo\fs6.bmp
- %ProgramFiles%\JFoo\fs7.bmp
- %ProgramFiles%\JFoo\bt3a.bmp
- %ProgramFiles%\JFoo\bt3b.bmp
- %ProgramFiles%\JFoo\pj8.bmp
- %ProgramFiles%\JFoo\11q2.bmp
- %ProgramFiles%\JFoo\4q1.bmp
- %ProgramFiles%\JFoo\10q2.bmp
- %ProgramFiles%\JFoo\11q.bmp
- %ProgramFiles%\JFoo\pj6.bmp
- %ProgramFiles%\JFoo\pj7.bmp
- %ProgramFiles%\JFoo\5q1.bmp
- %ProgramFiles%\JFoo\ln4.bmp
- %ProgramFiles%\JFoo\2.bmp
- %ProgramFiles%\JFoo\by8.bmp
- %ProgramFiles%\JFoo\fsu1.bmp
- %ProgramFiles%\JFoo\by6.bmp
- %ProgramFiles%\JFoo\by7.bmp
- %ProgramFiles%\JFoo\GR.bmp
- %ProgramFiles%\JFoo\°ґЕҐ»ШУЄ.bmp
- %ProgramFiles%\JFoo\fsu2.bmp
- %ProgramFiles%\JFoo\fsu3.bmp
- %ProgramFiles%\JFoo\by5.bmp
- %ProgramFiles%\JFoo\blcb4.bmp
- %ProgramFiles%\JFoo\blcb5.bmp
- %ProgramFiles%\JFoo\blcb2.bmp
- %ProgramFiles%\JFoo\blcb3.bmp
- %ProgramFiles%\JFoo\by3.bmp
- %ProgramFiles%\JFoo\by4.bmp
- %ProgramFiles%\JFoo\blcb6.bmp
- %ProgramFiles%\JFoo\by2.bmp
- %ProgramFiles%\JFoo\14.bmp
- %ProgramFiles%\JFoo\15.bmp
- %ProgramFiles%\JFoo\A11.txt
- %ProgramFiles%\JFoo\Нј±к±¦КЇІ»№».bmp
- %ProgramFiles%\JFoo\18.bmp
- %ProgramFiles%\JFoo\1.bmp
- %ProgramFiles%\JFoo\16.bmp
- %ProgramFiles%\JFoo\17.bmp
- %ProgramFiles%\JFoo\Нј±кНцБй.bmp
- %ProgramFiles%\JFoo\°ґЕҐ№Ш±ХФм±ш.bmp
- %ProgramFiles%\JFoo\Нј±кНцБй1.bmp
- %ProgramFiles%\JFoo\°ґЕҐЅр±ТЙэј¶.bmp
- %ProgramFiles%\JFoo\°ґЕҐКҐЛ®Йэј¶.bmp
- %ProgramFiles%\JFoo\Нј±к·ЁКх.bmp
- %ProgramFiles%\JFoo\Нј±к·ЁКх1.bmp
- %ProgramFiles%\JFoo\Нј±кТ°ВщИЛ.bmp
- %ProgramFiles%\JFoo\Нј±кТ°ВщИЛ1.bmp
- <Current directory>\radiobox_disabled_checked.ico
- <Current directory>\radiobox_unchecked.ico
- <Current directory>\radiobox_checked.ico
- <Current directory>\browsebox_dir.ico
- <Current directory>\browsebox_file.ico
- <Current directory>\radiobox_disabled_unchecked.ico
- <Current directory>\checkbox_disabled_unchecked.ico
- <Current directory>\ShieldModule.dat
- %TEMP%\mymacro.zip
- %TEMP%\plugin.zip
- <Current directory>\checkbox_disabled_checked.ico
- <Current directory>\checkbox_unchecked.ico
- <Current directory>\checkbox_checked.ico
- from %TEMP%\BackGround.bmp to %TEMP%\b14background.bmp
- '7.##iug.com':8088
- '6.##iug.com':8088
- '4.##iug.com':8088
- '5.##iug.com':8088
- '1.##iug.com':8088
- '3.##iug.com':8088
- 'localhost':1040
- 'c.###huoa.com':80
- '2.##iug.com':8088
- '8.##iug.com':8088
- '9.##iug.com':8088
- http://c.###huoa.com/c2/MymacroidSalesUrl.aspx?my#######################
- http://c.###huoa.com/banner/Q10624.htm
- DNS ASK 7.##iug.com
- DNS ASK 6.##iug.com
- DNS ASK 4.##iug.com
- DNS ASK 5.##iug.com
- DNS ASK 1.##iug.com
- DNS ASK 2.##iug.com
- DNS ASK c.###huoa.com
- DNS ASK 9.##iug.com
- DNS ASK 3.##iug.com
- DNS ASK 8.##iug.com
- ClassName: 'Shell_TrayWnd' WindowName: ''