Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] '"%TEMP%\delInstav2009.bat"' = '"%TEMP%\delInstav2009.bat"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Antivirus 2009' = '%PROGRAM_FILES%\Antivirus 2009\AV2009.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Full path to virus>"' = '<Full path to virus>"'
- %ALLUSERSPROFILE%\Start Menu\Antivirus 2009\Support.lnk
- %ALLUSERSPROFILE%\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
- %TEMP%\delInstav2009.bat
- %TEMP%\zip.zip
- %HOMEPATH%\Desktop\Antivirus 2009.lnk
- %ALLUSERSPROFILE%\Start Menu\Antivirus 2009\Antivirus 2009.lnk
- %TEMP%\zip.zip
- '21#.#0.112.104':80
- 21#.#0.112.104/install/zip.zip
- 21#.#0.112.104/src.php
- ClassName: 'Shell_TrayWnd' WindowName: ''