Technical Information
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'helper.dll' = '<SYSTEM32>\rundll32.exe C:\PROGRA~2\3721\helper.dll,Rundll32'
- %ProgramFiles%\3721\i3721res.dat
- %ProgramFiles%\3721\3721\helper.dll
- %ProgramFiles%\3721\3721\cns01.dat
- %ProgramFiles%\3721\cns01.dat
- %ProgramFiles%\3721\helper.dll
- %ProgramFiles%\3721\autolive.dll
- %ProgramFiles%\3721\3721\cns01.dat
- %ProgramFiles%\3721\3721\helper.dll
- %ProgramFiles%\3721\i3721res.dat
- DNS ASK do####ad.3721.com
- '%WINDIR%\syswow64\rundll32.exe' C:\PROGRA~2\3721\helper.dll,Rundll32