Technical Information
To ensure autorun and distribution:
Modifies the following registry keys:
- [<HKLM>\SOFTWARE\Microsoft\Command Processor] 'Autorun' = 'Z:\Free Porn Pictures.htm.exe'
Creates or modifies the following files:
- %HOMEPATH%\Start Menu\Programs\Startup\Scholarship Finder.htm.exe
Creates the following files on removable media:
- <Drive name for removable media>:\Scholarship Finder.htm.exe
- <Drive name for removable media>:\DV Lottory Crack.htm.exe
- <Drive name for removable media>:\Beyonce Naked.htm.exe
- <Drive name for removable media>:\Free Porn Pictures.htm.exe
- <Drive name for removable media>:\autorun.inf
Modifies file system :
Creates the following files:
- C:\Scholarship Finder.htm.exe
- C:\DV Lottory Crack.htm.exe
- C:\Beyonce Naked.htm.exe
- C:\Free Porn Pictures.htm.exe
- C:\autorun.inf
Deletes the following files:
- C:\autorun.inf
- <Drive name for removable media>:\autorun.inf
Miscellaneous:
Searches for the following windows:
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'