Technical Information
- <Drive name for removable media>:\autorun.inf
- <Drive name for removable media>:\system.dll
- '<SYSTEM32>\rundll32.exe' fldrclnr.dll,Wizard_RunDLL
- '%WINDIR%\explorer.exe'
- %WINDIR%\Explorer.EXE
- %WINDIR%\clbcatq.dll
- <Drive name for removable media>:\system.dll
- 'he#####4tuytulth2.info':80
- 'us###.cjb.net':80
- 'he###h2.co.cc':80
- 'he####657m4d.co.cc':80
- http://he#####4tuytulth2.info/l.php?v=####################################
- http://us###.cjb.net/zagzag34/1.txt?v=####################################
- http://he###h2.co.cc/l.php?v=####################################
- http://he####657m4d.co.cc/l.php?v=####################################
- DNS ASK he#####4tuytulth2.info
- DNS ASK us###.cjb.net
- DNS ASK he###h2.co.cc
- DNS ASK he####657m4d.co.cc
- ClassName: '' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'CSCHiddenWindow' WindowName: ''
- ClassName: 'OleMainThreadWndClass' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'BaseBar' WindowName: 'ChanApp'