Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Total PC Defender 2010' = '%ProgramFiles%\SystemDefender2010\Total PC Defender 2010.exe'
- '<SYSTEM32>\cmd.exe' /c del <Полный путь к файлу> > nul
- '%ProgramFiles%\SystemDefender2010\Total PC Defender 2010.exe'
- opera.exe
- skype.exe
- firefox.exe
- ICQ.exe
- chrome.exe
- %HOMEPATH%\Start Menu\Total PC Defender 2010\Total PC Defender 2010.lnk
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\update_v2[1].php
- %HOMEPATH%\Desktop\Total PC Defender 2010.lnk
- %ProgramFiles%\SystemDefender2010\Total PC Defender 2010.exe
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Total PC Defender 2010.lnk
- 'an#####ware-master.com':80
- http://an#####ware-master.com/update_v2.php?ve################################################################################################
- http:///checkupdate.php via an#####ware-master.com
- DNS ASK an#####ware-master.com
- ClassName: 'Shell_TrayWnd' WindowName: ''