Техническая информация
- <SYSTEM32>\rundll32.exe "%APPDATA%\AntiVirus Plus\AntiVirus Plus.70367200.dll", start 70367200
- %APPDATA%\AntiVirus Plus\AntiVirus Plus.70367200.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\real[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\windowsupdate.microsoft[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\avplus[1].dll
- 'an####rus-pluss.org':80
- '20#.#6.232.182':80
- 'localhost':1034
- an####rus-pluss.org/cb/real.php?id#########
- an####rus-pluss.org/install/avplus.dll
- 20#.#6.232.182/
- DNS ASK an####rus-pluss.org
- DNS ASK windowsupdate.microsoft.com
- ClassName: 'SysPager' WindowName: ''
- ClassName: 'ToolbarWindow32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'TrayNotifyWnd' WindowName: ''