Technical Information
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\404[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\404[1].php
- from <Full path to virus> to %TEMP%\tmpF1BD.tmp
- 'cl####esquite.org':80
- cl####esquite.org/404.php?ty################################
- DNS ASK cl####esquite.org