Техническая информация
- [<HKLM>\SOFTWARE\Classes\nternetShortcut\shell\open\command] '' = '"%PROGRAM_FILES%\Avant Browser\avant.exe" %1'
- [<HKLM>\SOFTWARE\Classes\HTTP\shell\open\command] '' = '"%PROGRAM_FILES%\Avant Browser\avant.exe" %1'
- %TEMP%\AvantBrowser.exe
- "%TEMP%\Setup.exe" (загружен из сети Интернет)
- <SYSTEM32>\ping.exe -n 3 127.1
- <SYSTEM32>\cmd.exe /c delname123.bat
- <SYSTEM32>\RecordIni.ini
- <Текущая директория>\delname123.bat
- %TEMP%\Setup.exe
- %TEMP%\AvantBrowser.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\Download[1].aspx
- %TEMP%\AvantBrowser.exe
- 'www.av###browser.cn':80
- www.av###browser.cn/CheckUpdate/UI/Download/Download.aspx?Fi###########
- DNS ASK www.av###browser.cn