Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] '%TEMP%\delInstavp2009.bat' = '%TEMP%\delInstavp2009.bat'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AVP 2009' = '%ProgramFiles%\AVP09\BIN\AV2009.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Полный путь к вирусу>"' = '<Полный путь к вирусу>"'
- %ALLUSERSPROFILE%\Start Menu\Antivirus Protection Center\Support.lnk
- %ALLUSERSPROFILE%\Start Menu\Antivirus Protection Center\Uninstall AVP09.lnk
- %TEMP%\delInstavp2009.bat
- %ALLUSERSPROFILE%\Start Menu\Antivirus Protection Center\On the Web.lnk
- %TEMP%\zipFull.zip
- %HOMEPATH%\Desktop\AVP 2009.lnk
- %ALLUSERSPROFILE%\Start Menu\Antivirus Protection Center\AVP 2009.lnk
- %TEMP%\zipFull.zip
- 'av#####ctioncenter.com':80
- http://av#####ctioncenter.com/download/full.zip
- DNS ASK av#####ctioncenter.com
- ClassName: 'Shell_TrayWnd' WindowName: ''