Техническая информация
Вредоносные функции:
Запускает на исполнение:
- '<SYSTEM32>\regsvr32.exe' atl.dll /s
Устанавливает процедуры перхвата сообщений
о нажатии клавиш клавиатуры:
- Библиотека-обработчик для всех процессов: <Текущая директория>\cfgdll.dll
Изменения в файловой системе:
Создает следующие файлы:
- %WINDIR%\Dhx\»ЇЙъЛВ.bmp
- %WINDIR%\Dhx\і¤КЩґе.bmp
- %WINDIR%\Dhx\·ЅґзЙЅ.bmp
- %WINDIR%\Dhx\і¤КЩґеНв.bmp
- %WINDIR%\Dhx\»К№¬.bmp
- %WINDIR%\Dhx\ґуСгЛю.bmp
- %WINDIR%\Dhx\°Ч№ЗЙЅ.bmp
- %WINDIR%\Dhx\М칬.bmp
- %WINDIR%\Dhx\БъїЯ.bmp
- %WINDIR%\Dhx\·піІ.bmp
- %WINDIR%\Dhx\±±ѕгВ«ЦЮ.bmp
- %WINDIR%\Dhx\°БАґ№ъ.bmp
- %WINDIR%\Dhx\·ЅґзєуЙЅ.bmp
- %WINDIR%\Dhx\Е®¶щґе.bmp
- %WINDIR%\Dhx\Бъ№¬.bmp
- %WINDIR%\Dhx\ЙєєчєЈµє.bmp
- %WINDIR%\Dhx\ОеЦёЙЅ.bmp
- %WINDIR%\Dhx\ґуМЖ±Яѕі.bmp
- %WINDIR%\Dhx\ЖХНУЙЅ.bmp
- %WINDIR%\Dhx\µШПВ№нµє.bmp
- %WINDIR%\Dhx\ВеСфіЗ.bmp
- %WINDIR%\Dhx\КЁНХБл.bmp
- %WINDIR%\Dhx\єЈµЧГФ№¬.bmp
- %WINDIR%\Dhx\ОеЧЇ№Ы.bmp
- %WINDIR%\Dhx\НтКЩЙЅ.bmp
- %WINDIR%\Dhx\ЛДКҐЧЇ.bmp
- %WINDIR%\Dhx\ґуМЖѕіДЪ.bmp
- %WINDIR%\Dhx\¶«єЈУжґе.bmp
- %WINDIR%\Dhx\і¤°ІіЗ¶«.bmp
- %WINDIR%\Dhx\БйКЮґе.bmp
- %WINDIR%\Dhx\К¦ГЕНкіЙ.bmp
- %WINDIR%\Dhx\ИХАъ.bmp
- %WINDIR%\Dhx\ЅУК¦ГЕ.bmp
- %WINDIR%\Dhx\Dha.bmp
- %WINDIR%\Dhx\ПыєДMp.bmp
- %WINDIR%\Dhx\GСэ.bmp
- %WINDIR%\Dhx\И·¶ЁA.bmp
- %WINDIR%\Dhx\ESC.bmp
- %WINDIR%\Dhx\ч»ЧУ.bmp
- %WINDIR%\Dhx\СыЗлID.bmp
- %WINDIR%\Dhx\СйЦ¤.bmp
- %WINDIR%\Dhx\К¦ГЕИООс.bmp
- %WINDIR%\Dhx\СІВЯ.bmp
- %WINDIR%\Dhx\ЕЕ¶У.bmp
- %WINDIR%\Dhx\Sz.bmp
- %WINDIR%\Dhx\№гє®№¬.bmp
- %WINDIR%\Dhx\іцБ¦.bmp
- %WINDIR%\Dhx\µШІШёз.bmp
- %WINDIR%\Dhx\уґМТФ°.bmp
- %WINDIR%\Dhx\УщВнја.bmp
- %WINDIR%\Dhx\СюіШ.bmp
- %WINDIR%\Dhx\РЮВЮ№ЕіЗ.bmp
- %WINDIR%\Dhx\№нНхИООс.bmp
- %WINDIR%\Dhx\·іИЛ.bmp
- %WINDIR%\Dhx\НёГч¶И.bmp
- %WINDIR%\Dhx\№нНх»ШіЗ·ы.bmp
- %WINDIR%\Dhx\ЅУ№нНх.bmp
- %WINDIR%\Dhx\№Ш±ХИООс.bmp
- %WINDIR%\Dhx\CMk.bmp
- %WINDIR%\Dhx\СтЦ¬ПЙВ¶.bmp
- %WINDIR%\Dhx\ЦР№ъЅб.bmp
- %WINDIR%\Dhx\РЗРЗ.bmp
- %WINDIR%\Dhx\ЅµСэИООс.bmp
- %WINDIR%\Dhx\А¶Й«СэНх.bmp
- %WINDIR%\Dhx\єЪЙЅСэНх.bmp
- %WINDIR%\Dhx\ИэН·Д§Нх.bmp
- %WINDIR%\Dhx\F7.bmp
- %WINDIR%\Dhx\F6.bmp
- %WINDIR%\Dhx\F5.bmp
- %WINDIR%\Dhx\F8.bmp
- %WINDIR%\Dhx\Mhz.ini
- %WINDIR%\Dhx\ХЛєЕM.bmp
- %WINDIR%\Dhx\УОП·.bmp
- %WINDIR%\Dhx\НтДкРЬНх.bmp
- %WINDIR%\Dhx\±ЈіЦЕеАј.bmp
- %WINDIR%\Dhx\ЕеАј.bmp
- %WINDIR%\Dhx\cthm.bmp
- %WINDIR%\Dhx\їв3.txt
- %WINDIR%\Dhx\°ґЕҐ.bmp
- %WINDIR%\Dhx\·ЙРР.bmp
- %WINDIR%\Dhx\БйЦҐ.bmp
- %WINDIR%\Dhx\ЅµСэЛ«±¶.bmp
- %WINDIR%\Dhx\БмИЎИООс.bmp
- %WINDIR%\Dhx\Аоёз.bmp
- %WINDIR%\Dhx\ё«Н·°пЧЬІї.bmp
- %WINDIR%\Dhx\ОЮіЈµ¤.bmp
- %WINDIR%\Dhx\·З·ЁЧЦ·ы.bmp
- %WINDIR%\Dhx\ОпАнОьКХВК.bmp
- %WINDIR%\Dhx\F4.bmp
- %WINDIR%\Dhx\СйЦ¤B.bmp
- %WINDIR%\Dhx\СйЦ¤A.bmp
- %WINDIR%\Dhx\±»ХјУГ.bmp
- %WINDIR%\Dhx\ХыАн.bmp
- %WINDIR%\Dhx\јјДЬЅМіМ.bmp
- %WINDIR%\Dhx\TX.bmp
- %WINDIR%\Dhx\Ч°±ёІїО».bmp
- %WINDIR%\Dhx\АјИфЛВ.bmp
- %WINDIR%\Dhx\ВЦ»ШЛѕ.bmp
- %WINDIR%\Dhx\µШУьГФ№¬.bmp
- %WINDIR%\Dhx\µШё®.bmp
- %WINDIR%\Dhx\№нµЫ.bmp
- %WINDIR%\Dhx\І»ПлЧҐ.bmp
- %WINDIR%\Dhx\і¤°І.bmp
- %WINDIR%\Dhx\УОП·ЙиЦГ.bmp
- %WINDIR%\Dhx\ФЭК±Ал¶У.bmp
- %WINDIR%\Dhx\»Ш№й¶УОй.bmp
- %WINDIR%\Dhx\іЖОЅA.bmp
- %WINDIR%\Dhx\ОТТЄЧЎµк.bmp
- %WINDIR%\Dhx\F3.bmp
- %WINDIR%\Dhx\F2.bmp
- %WINDIR%\Dhx\F1.bmp
- %WINDIR%\Dhx\ЖБ±ООе»·.bmp
- %WINDIR%\Dhx\Р§№ы.bmp
- %WINDIR%\Dhx\ёцИЛ.bmp
- %WINDIR%\Dhx\Ч°±ё¶Ф±И.bmp
- %WINDIR%\Dhx\MMh.bmp
- %WINDIR%\Dhx\іЖОЅ.bmp
- %WINDIR%\Dhx\°ь№ьТСВъ.bmp
- %WINDIR%\Dhx\DwR.bmp
- %WINDIR%\Dhx\№Ш±Х.bmp
- %WINDIR%\Dhx\ЖБ±ОA.bmp
- %WINDIR%\Dhx\ХТ.bmp
- %WINDIR%\Dhx\єГУС.bmp
- %WINDIR%\Dhx\єГУСA.bmp
- %WINDIR%\Dhx\ЛСЛч.bmp
- %WINDIR%\Dhx\»ШіЗ.bmp
- %WINDIR%\Dhx\ЦёТэ.bmp
- %WINDIR%\Dhx\А¬»шA.bmp
- %WINDIR%\Dhx\ёЯј¶КХЛч.bmp
- %WINDIR%\Dhx\А¬»шB.bmp
- %WINDIR%\Dhx\ФЭК±ЖБ±О.bmp
- %WINDIR%\Dhx\И«Ії.bmp
- %WINDIR%\Dhx\ІйїґМх.bmp
- %WINDIR%\Dhx\МУЕЬ.bmp
- %WINDIR%\Dhx\ХЩ.bmp
- %WINDIR%\Dhx\№й.bmp
- %WINDIR%\Dhx\·АУщ.bmp
- %WINDIR%\Dhx\ОпЖ·.bmp
- %WINDIR%\Dhx\І»ИҐ.bmp
- %WINDIR%\Dhx\СІІй.bmp
- %WINDIR%\Dhx\ЧЯЖр.bmp
- %WINDIR%\Dhx\Ійїґ.bmp
- %WINDIR%\Dhx\ґжФЪ.bmp
- %WINDIR%\Dhx\СыЗл.bmp
- %WINDIR%\Dhx\АлїЄ.bmp
- %WINDIR%\Dhx\ЅУКЬ.bmp
- %WINDIR%\Dhx\·ўЛН.bmp
- %WINDIR%\Dhx\јјДЬA.bmp
- %WINDIR%\Dhx\ЧФ¶ЇХЅ¶·.bmp
- %WINDIR%\Dhx\И·¶Ё.bmp
- %WINDIR%\Dhx\А¬»ш.bmp
- %WINDIR%\Dhx\ґ©Ч°.bmp
- %WINDIR%\Dhx\јјДЬ.bmp
- %WINDIR%\Dhx\µАѕЯ.bmp
- %WINDIR%\Dhx\ЖАјЫ.bmp
- %WINDIR%\Dhx\dm.dll
- %WINDIR%\Dhx\RegDll.dll
- <Текущая директория>\plugin\FILE.ini
- %WINDIR%\Dhx\Dh.bmp
- %WINDIR%\Dhx\БмИЎ.bmp
- %WINDIR%\Dhx\¶Ф»°.bmp
- %WINDIR%\Dhx\ИООс.bmp
- %WINDIR%\Dhx\3ИЛ.bmp
- %WINDIR%\Dhx\СэПг.bmp
- %WINDIR%\Dhx\С©Б«.bmp
- %WINDIR%\Dhx\±ЈіЦС©Б«.bmp
- %WINDIR%\Dhx\±ЈіЦСэПг.bmp
- %WINDIR%\Dhx\·Ѕ±гК№УГ.bmp
- %WINDIR%\Dhx\јУ.bmp
- %WINDIR%\Dhx\ИЛОп.bmp
- %WINDIR%\Dhx\¶УОй.bmp
- %WINDIR%\Dhx\РЎ»Ж.bmp
- %WINDIR%\Dhx\·ЁКх.bmp
- %WINDIR%\Dhx\ЙкЗл.bmp
- %WINDIR%\Dhx\ЧҐ№н.bmp
- %WINDIR%\Dhx\їв1.txt
- %WINDIR%\Dhx\ЙкЗлИл¶У.bmp
- %WINDIR%\Dhx\І»Пл.bmp
- %WINDIR%\Dhx\»№КЗїґїґ.bmp
- %WINDIR%\Dhx\ёЈФґ.bmp
- %WINDIR%\Dhx\ЧҐ№нЛ«±¶.bmp
- %WINDIR%\Dhx\ґуЅ±.bmp
- %WINDIR%\Dhx\їЄЖф.bmp
- %WINDIR%\Dhx\Г»К±јд.bmp
- %WINDIR%\Dhx\З§Зп.bmp
- %WINDIR%\Dhx\Д№±®.bmp
- %WINDIR%\Dhx\ФЭК±.bmp
- %WINDIR%\Dhx\№Ш±ХA.bmp
- %WINDIR%\Dhx\И·ИПРЮАн.bmp
- %WINDIR%\Dhx\Вфіц.bmp
- %WINDIR%\Dhx\ЛµЗ®.bmp
- %WINDIR%\Dhx\АсєР.bmp
- %WINDIR%\Dhx\РВЅЁЅЗЙ«.bmp
- %WINDIR%\Dhx\ЅшИлУОП·.bmp
- %WINDIR%\Dhx\ИЎПыµЗВј.bmp
- %WINDIR%\Dhx\НкЙЖ.bmp
- %WINDIR%\Dhx\ОТЅУКЬ.bmp
- %WINDIR%\Dhx\µЗВјИ·¶Ё.bmp
- %WINDIR%\Dhx\ХЛєЕA.bmp
- %WINDIR%\Dhx\ОдµЫ.bmp
- %WINDIR%\Dhx\Mba.bmp
- %WINDIR%\Dhx\Mb.bmp
- %WINDIR%\Dhx\ТСБ¶Сэ.bmp
- %WINDIR%\Dhx\ХЛєЕ.bmp
- %WINDIR%\Dhx\УР.bmp
- %WINDIR%\Dhx\Mbb.bmp
- %WINDIR%\Dhx\ID.bmp
- %WINDIR%\Dhx\РиТЄ.bmp
- %WINDIR%\Dhx\КЇ±®.bmp
- %WINDIR%\Dhx\І»Бм.bmp
- %WINDIR%\Dhx\јјДЬB.bmp
- %WINDIR%\Dhx\Ал.bmp
- %WINDIR%\Dhx\РЮBB.bmp
- %WINDIR%\Dhx\WHF.bmp
- %WINDIR%\Dhx\А¬»шM.bmp
- %WINDIR%\Dhx\H.bmp
- %WINDIR%\Dhx\Лш.bmp
- %WINDIR%\Dhx\БмЅ±.bmp
- %WINDIR%\Dhx\БмИЎК±јд.bmp
- %WINDIR%\Dhx\Л«±¶.bmp
- %WINDIR%\Dhx\іЙі¤Ас°ь.bmp
- %WINDIR%\Dhx\ОТПлВт¶«Оч.bmp
- %WINDIR%\Dhx\¶Ф»°A.bmp
- %WINDIR%\Dhx\·ґ№З.bmp
- %WINDIR%\Dhx\Кй.bmp
- %WINDIR%\Dhx\НкіЙ.bmp
- %WINDIR%\Dhx\ТЖЅ».bmp
- %WINDIR%\Dhx\·ЕЖъ.bmp
- %WINDIR%\Dhx\ѕСйІ»Чг.bmp
- %WINDIR%\Dhx\°ІИ«.bmp
- %WINDIR%\Dhx\№єВт.bmp
- %WINDIR%\Dhx\Dd.bmp
- %WINDIR%\Dhx\А¬»шF.bmp
- %WINDIR%\Dhx\ОпЖ·x.bmp
- %WINDIR%\Dhx\ХЩ»Ѕ.bmp
- %WINDIR%\Dhx\№§ПІ.bmp
- %WINDIR%\Dhx\ЧҐ.bmp
- %WINDIR%\Dhx\єЪУс¶ПРшёа.bmp
- %WINDIR%\Dhx\№нЗРІЭ.bmp
- %WINDIR%\Dhx\МмЗаµШ°Ч.bmp
- %WINDIR%\Dhx\±рИЛµД.bmp
- %WINDIR%\Dhx\їЙТФЙъІъ.bmp
- %WINDIR%\Dhx\ѕЕЧЄБъПСПг.bmp
- %WINDIR%\Dhx\їв2.txt
- %WINDIR%\Dhx\ЧПКЇУў.bmp
- %WINDIR%\Dhx\єНєПЙў.bmp
- %WINDIR%\Dhx\ЭНИЎA.bmp
- %WINDIR%\Dhx\Йэј¶.bmp
- %WINDIR%\Dhx\ОґБмОт.bmp
- %WINDIR%\Dhx\С§П°.bmp
- %WINDIR%\Dhx\РЮБ¶.bmp
- %WINDIR%\Dhx\СтН·№ЦКфРФїЁ.bmp
- %WINDIR%\Dhx\ЙЅФфКфРФїЁ.bmp
- %WINDIR%\Dhx\јТ¶ЎКфРФїЁ.bmp
- %WINDIR%\Dhx\Е®ФфКфРФїЁ.bmp
- %WINDIR%\Dhx\РЎСэКфРФїЁ.bmp
- %WINDIR%\Dhx\»ЁСэКфРФїЁ.bmp
- %WINDIR%\Dhx\Т°№·КфРФїЁ.bmp
- %WINDIR%\Dhx\ЕЈСэКфРФїЁ.bmp
- %WINDIR%\Dhx\НГСэКфРФїЁ.bmp
- %WINDIR%\Dhx\БчГҐКфРФїЁ.bmp
- %WINDIR%\Dhx\ОдКїКфРФїЁ.bmp
- %WINDIR%\Dhx\Цн№ЦКфРФїЁ.bmp
- %WINDIR%\Dhx\СГТЫКфРФїЁ.bmp
- %WINDIR%\Dhx\Кї±шКфРФїЁ.bmp
- %WINDIR%\Dhx\Т№ІжКфРФїЁ.bmp
- %WINDIR%\Dhx\ЭНИЎ.bmp
- %WINDIR%\Dhx\·ы.bmp
- %WINDIR%\Dhx\µИј¶1.bmp
- %WINDIR%\Dhx\іцСйЦ¤A.bmp
- %WINDIR%\Dhx\їЁ.bmp
- %WINDIR%\Dhx\ЙъІъ±ај.ini
- %WINDIR%\Dhx\РиТЄЦ°Тµ.bmp
- %WINDIR%\Dhx\Т©.bmp
- %WINDIR%\Dhx\ЦЖ·ы.bmp
- %WINDIR%\Dhx\СЎФсЦ°Тµ.bmp
- %WINDIR%\Dhx\јУИлЦ°Тµ.bmp
- %WINDIR%\Dhx\Б¶СэОпЖ·.bmp
- %WINDIR%\Dhx\їґІ»Зе.bmp
- %WINDIR%\Dhx\іцСйЦ¤.bmp
- %WINDIR%\Dhx\Б¶СэОпЖ·A.bmp
- %WINDIR%\Dhx\іВЖ¤.bmp
- %WINDIR%\Dhx\ІЦїв.bmp
- %WINDIR%\Dhx\ґтїЄІЦїв.bmp
- %WINDIR%\Dhx\ЙъіЙKo.bmp
- %WINDIR%\Dhx\ФІДБП.bmp
- %WINDIR%\Dhx\·п»ЛОІ.bmp
- %WINDIR%\Dhx\ЙъІъЦР.bmp
- %WINDIR%\Dhx\КэБї.bmp
- %WINDIR%\Dhx\СтЦ¬.bmp
- %WINDIR%\Dhx\ФБП.bmp
- %WINDIR%\Dhx\ёКІЭТ¶.bmp
- %WINDIR%\Dhx\ЕЈ»Ж.bmp
- %WINDIR%\Dhx\ОТТЄЙъІъ.bmp
- %WINDIR%\Dhx\КЇУўЙ°.bmp
- %WINDIR%\Dhx\МъЅ¬.bmp
- %APPDATA%\qmacro\shield\SD003.dat
- %APPDATA%\qmacro\shield\SD004.dat
- %APPDATA%\qmacro\shield\Shield.ini
- %APPDATA%\qmacro\shield\SD002.dat
- <Текущая директория>\<Имя вируса>.ini
- %APPDATA%\qmacro\shield\SD000.dat
- %APPDATA%\qmacro\shield\SD001.dat
- <Текущая директория>\uservar.ini
- %WINDIR%\Dhx\0.bmp
- %WINDIR%\Dhx\1.bmp
- %TEMP%\~DFED73.tmp
- <Текущая директория>\timer_icon.ico
- <Текущая директория>\browsebox_file.ico
- <Текущая директория>\browsebox_dir.ico
- %TEMP%\2683.tmp
- <Текущая директория>\plugin\WINDOW.DLL
- <Текущая директория>\plugin\REGDLL.DLL
- <Текущая директория>\plugin\FILE.DLL
- <Текущая директория>\plugin\MSG.DLL
- %TEMP%\1.tmp
- %TEMP%\2.tmp
- %TEMP%\plugin.zip
- <Текущая директория>\cfgdll.dll
- <Текущая директория>\ShieldModule.dat
- %APPDATA%\mymacro\qdisp.dll
- %TEMP%\mymacro.zip
- <Текущая директория>\plugin\MEDIA.DLL
- <Текущая директория>\plugin\MYOP.DLL
- <Текущая директория>\plugin\REMOTEANSWER.DLL
- %WINDIR%\Dhx\іхј¶ЕАЧ·ыЦЅ.bmp
- %WINDIR%\Dhx\іхј¶ЗїЙн·ы.bmp
- %WINDIR%\Dhx\ОґБмОтA.bmp
- %WINDIR%\Dhx\ХЅЙсЕ®жґКфРФїЁ.bmp
- %WINDIR%\Dhx\іхј¶ЅрёХ·ы.bmp
- %WINDIR%\Dhx\ХрЙеЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\іхј¶·ЙЛЄ·ы.bmp
- %WINDIR%\Dhx\іхј¶ТжЖш·ы.bmp
- %WINDIR%\Dhx\Е®СэКфРФїЁ.bmp
- %WINDIR%\Dhx\¶ѕ·дКфРФїЁ.bmp
- %WINDIR%\Dhx\єьАкѕ«КфРФїЁ.bmp
- %WINDIR%\Dhx\РЎБъЕ®КфРФїЁ.bmp
- %WINDIR%\Dhx\З§ДкАПСэКфРФїЁ.bmp
- %WINDIR%\Dhx\ј¦ѕ«КфРФїЁ.bmp
- %WINDIR%\Dhx\чјчГ№ЦКфРФїЁ.bmp
- %WINDIR%\Dhx\ЕМЛїЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\іхј¶ИэК¬ёКІЭ·ы.bmp
- %WINDIR%\Dhx\ИэК¬Ц®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\чИ»уЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\·вУЎЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\Ѕю¶ѕЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\ИлГОЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\К§РДЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\іхј¶їс·з·ыЦЅ.bmp
- %WINDIR%\Dhx\ЙІДЗЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\ЗїБ¦Ц®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\іхј¶±јБч·ыЦЅ.bmp
- %WINDIR%\Dhx\№н»рЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\ТЕНьЦ®іхј¶·ыОД.bmp
- %WINDIR%\Dhx\іхј¶Мм»р·ыЦЅ.bmp
- %WINDIR%\Dhx\ОТТЄєПіЙ.bmp
- %WINDIR%\Dhx\ЙсКЮµ¤.bmp
- %WINDIR%\Dhx\ИЛІО№ы.bmp
- %WINDIR%\Dhx\єПіЙ.bmp
- %WINDIR%\Dhx\їЄ±і°ь.bmp
- %WINDIR%\Dhx\ѕЫЖшµ¤.bmp
- %WINDIR%\Dhx\јУѕСй.bmp
- %WINDIR%\Dhx\ХЅ¶·B.bmp
- %WINDIR%\Dhx\»б»б.bmp
- %WINDIR%\Dhx\Чш±к.txt
- %WINDIR%\Dhx\ГФ.bmp
- %WINDIR%\Dhx\Сэ.bmp
- %WINDIR%\Dhx\РЎ.bmp
- %WINDIR%\Dhx\В·.bmp
- %WINDIR%\Dhx\ИЛОпЛ«±¶.bmp
- %WINDIR%\Dhx\Мэёи.bmp
- %WINDIR%\Dhx\ЦТіП.bmp
- %WINDIR%\Dhx\ХЩ»Ѕh.bmp
- %WINDIR%\Dhx\И«ЖБ·ЁКх.bmp
- %WINDIR%\Dhx\Т©Ж·A.bmp
- %WINDIR%\Dhx\І№ід.bmp
- %WINDIR%\Dhx\ИјБйЦµ.bmp
- %WINDIR%\Dhx\БЅґОС©ІО.bmp
- %WINDIR%\Dhx\ЧҐ№нЛ«±¶A.bmp
- %WINDIR%\Dhx\±¦±¦Л«±¶.bmp
- %WINDIR%\Dhx\БЅґОПЙЛ®.bmp
- %WINDIR%\Dhx\·ЁКхh.bmp
- %WINDIR%\Dhx\±щ¶і.bmp
- %WINDIR%\Dhx\№нНхm.bmp
- %WINDIR%\Dhx\ХЅ¶·A.bmp
- %WINDIR%\Dhx\Г°ЕЭРЕПў.bmp
- %WINDIR%\Dhx\ґу»°j.ini
- %WINDIR%\Dhx\К§ИҐАнЦЗ.bmp
- %WINDIR%\Dhx\ґтїЄ.bmp
- %WINDIR%\Dhx\µИј¶РиЗу.bmp
- %WINDIR%\Dhx\їв.txt
- %WINDIR%\Dhx\УсВ¶Ни.bmp
- %WINDIR%\Dhx\СЄСМКЇ.bmp
- %WINDIR%\Dhx\±ШРлХЅ¶·.bmp
- %WINDIR%\Dhx\Ф¹ⱦєР.bmp
- %WINDIR%\Dhx\З§ДкБй»Ё.bmp
- %WINDIR%\Dhx\УРКµБ¦.bmp
- %WINDIR%\Dhx\¶ЁЙсПг.bmp
- %WINDIR%\Dhx\·зЛ®»мФЄµ¤.bmp
- %WINDIR%\Dhx\ДЪµ¤.bmp
- %WINDIR%\Dhx\КЬµЅ№Ґ»ч.bmp
- %WINDIR%\Dhx\ївM.txt
- %WINDIR%\Dhx\ЙъІъA.bmp
- %WINDIR%\Dhx\БмИЎК±јдA.bmp
- %WINDIR%\Dhx\ХЅ¶·.bmp
- %WINDIR%\Dhx\ґєЗпґуГО.bmp
- %WINDIR%\Dhx\MP3.mp3
- %WINDIR%\Dhx\ґу»°Hi.ini
- %WINDIR%\Dhx\И«ІїЙиЦГ.bmp
- %WINDIR%\Dhx\ґу»°l.ini
- %WINDIR%\Dhx\ЖЯЧУ»ШСфЙў.bmp
- %WINDIR%\Dhx\»оБ¦.bmp
- %WINDIR%\Dhx\ЙъІъ.bmp
- %WINDIR%\Dhx\і¤ёэ°ЧУсЙў.bmp
- %WINDIR%\Dhx\ПщХЕµДєЬ.bmp
- %WINDIR%\Dhx\ЧшЖпИООс.bmp
- %WINDIR%\Dhx\ЙкЗлјУИл.bmp
- %WINDIR%\Dhx\І»їНЖш.bmp
- %WINDIR%\Dhx\Бъ№¬L.bmp
- %WINDIR%\Dhx\°ЩАпПг.bmp
- %WINDIR%\Dhx\Т№ГчЦй.bmp
- %WINDIR%\Dhx\ЧЄЙъИООс.bmp
- %WINDIR%\Dhx\·ЦЦУ.bmp
- %WINDIR%\Dhx\Еы·з.bmp
- %WINDIR%\Dhx\Па±Ж.bmp
- %WINDIR%\Dhx\БоЕЖ.bmp
- %WINDIR%\Dhx\ј¶.bmp
- %WINDIR%\Dhx\Из№ыПЈНы.bmp
- %WINDIR%\Dhx\ґпёз.bmp
- %WINDIR%\Dhx\ёДМмФЩАґ.bmp
- %WINDIR%\Dhx\ОЮ·ЁНкіЙ.bmp
- %WINDIR%\Dhx\НкіЙЖґНј.bmp
- %WINDIR%\Dhx\вг»Ъ.bmp
- %WINDIR%\Dhx\Вт·ї.bmp
- %WINDIR%\Dhx\ОґС§П°.bmp
- %WINDIR%\Dhx\БЛЅв№нНх.bmp
- %WINDIR%\Dhx\БйКЮµ°.bmp
- %WINDIR%\Dhx\±ШРлХЅ¶·a.bmp
- %WINDIR%\Dhx\ёшОТ.bmp
- %WINDIR%\Dhx\ЧшЖп.bmp
- %WINDIR%\Dhx\їЄКј.bmp
- %WINDIR%\Dhx\ЖґНј.bmp
- %WINDIR%\Dhx\Чј±ёєГБЛ.bmp
- %WINDIR%\Dhx\№Тјю.bmp
- %WINDIR%\Dhx\ПЙєьПС.bmp
- %WINDIR%\Dhx\µ¤№рНи.bmp
- %WINDIR%\Dhx\БйТнМмПг.bmp
- %WINDIR%\Dhx\ґу»№µ¤.bmp
- %WINDIR%\Dhx\ЅрґґТ©.bmp
- %WINDIR%\Dhx\єЪХдЦй.bmp
- %WINDIR%\Dhx\°ЩКЮБйНи.bmp
- %WINDIR%\Dhx\Нх·ЅЖЅ.bmp
- %WINDIR%\Dhx\іМТ§Ѕр.bmp
- %WINDIR%\Dhx\І»Чг.bmp
- %WINDIR%\Dhx\µШІШНх.bmp
- %WINDIR%\Dhx\БзСтЅЗ.bmp
- %WINDIR%\Dhx\БЛЅвМмНҐИООс.bmp
- %WINDIR%\Dhx\АПѕэёз.bmp
- %WINDIR%\Dhx\ИООсАё.bmp
- %WINDIR%\Dhx\ЅУОе»·.bmp
- %WINDIR%\Dhx\ФЖУОґуК¦.bmp
- %WINDIR%\Dhx\Ое»·НкіЙ.bmp
- %WINDIR%\Dhx\ФЖУОґуК¦A.bmp
- %WINDIR%\Dhx\ГжѕЯ.bmp
- %WINDIR%\Dhx\Сьґш.bmp
- %WINDIR%\Dhx\РЎ»м.bmp
- %WINDIR%\Dhx\КЈУа.bmp
- %WINDIR%\Dhx\Ое»·.bmp
- %WINDIR%\Dhx\іЈ№жНж·Ё.bmp
- %WINDIR%\Dhx\Ое»·A.bmp
- %WINDIR%\Dhx\ёшУи.bmp
- %WINDIR%\Dhx\Ц±ЅУёшОТ.bmp
- %WINDIR%\Dhx\dhw.bmp
Удаляет следующие файлы:
- <Текущая директория>\browsebox_file.ico
- <Текущая директория>\browsebox_dir.ico
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Q09958[1].htm
- <Текущая директория>\timer_icon.ico
- %TEMP%\plugin.zip
- %TEMP%\mymacro.zip
- <Текущая директория>\ShieldModule.dat
Сетевая активность:
Подключается к:
- 'c.###huoa.com':80
TCP:
Запросы HTTP GET:
- c.###huoa.com/banner/Q09958.htm
UDP:
- DNS ASK c.###huoa.com
Другое:
Ищет следующие окна:
- ClassName: 'Shell_TrayWnd' WindowName: ''
