Technical Information
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\winlogon.exe
- %CommonProgramFiles%\Microsoft Shared\Au_AuTo.dll
- %CommonProgramFiles%\Microsoft Shared\services.exe
- %CommonProgramFiles%\Microsoft Shared\Au_DVD.dll
- <SYSTEM32>\cmd.exe /c mybat.bat
- %CommonProgramFiles%\Microsoft Shared\au_bind.au
- %CommonProgramFiles%\Microsoft Shared\Au_AuTo.dll
- %CommonProgramFiles%\Microsoft Shared\Au_Tj.TMP
- <Current directory>\mybat.bat
- %CommonProgramFiles%\Microsoft Shared\Au_TT.dll
- %CommonProgramFiles%\Microsoft Shared\Au_DVD.dll
- %CommonProgramFiles%\Microsoft Shared\Au_Dvd.TMP
- %CommonProgramFiles%\Microsoft Shared\Au_Dw.TMP
- %CommonProgramFiles%\Microsoft Shared\Au_AuTo.TMP
- %CommonProgramFiles%\Microsoft Shared\services.exe
- %CommonProgramFiles%\Microsoft Shared\Au_AuTo.TMP
- %CommonProgramFiles%\Microsoft Shared\Au_Dw.TMP
- %CommonProgramFiles%\Microsoft Shared\Au_Dvd.TMP
- 'ba###.mamamg02.info':969
- 'tt##.ma3tg.info':583
- 'dl##.tzxfhq.cn':8
- 'au##.#ame521.org':888
- DNS ASK ba###.mamamg02.info
- DNS ASK tt##.ma3tg.info
- DNS ASK dl##.tzxfhq.cn
- DNS ASK au##.#ame521.org
- ClassName: 'Shell_TrayWnd' WindowName: ''