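Техническая информация: записи реестра (автозапуск и службы), командные строки запуска, файлы и их перемещение («X в Y»), сетевые адреса и DNS-запросы, окна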
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'imPcRemoteTray' = '%ProgramFiles%\imPcRemote\imPcRemoteTray.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\mv2] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\mv2] 'ImagePath' = 'system32\DRIVERS\mv2.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\imPcRemoteService] 'ImagePath' = '%ProgramFiles%\imPcRemote\impcremote.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\impc_service] 'ImagePath' = '"%ProgramFiles%\imPcRemote\uvnc\rpuvnc.exe" -service'
- [<HKLM>\SYSTEM\ControlSet001\Services\imPcRemoteService] 'Start' = '00000002'
- '%ProgramFiles%\imPcRemote\uvnc\driver\xp\setupdrv.exe' install
- '%ProgramFiles%\imPcRemote\imPcRemoteTray.exe'
- '%ProgramFiles%\imPcRemote\imPcRemote.exe'
- '%TEMP%\RarSFX0\impcremote_tray_setup.exe' /VERYSILENT
- '%TEMP%\is-H2HQL.tmp\impcremote_tray_setup.tmp' /SL5="$2010E,2129648,56832,%TEMP%\RarSFX0\impcremote_tray_setup.exe" /VERYSILENT
- '%ProgramFiles%\imPcRemote\uvnc\setcad.exe'
- '<SYSTEM32>\runonce.exe' -r
- %ProgramFiles%\imPcRemote\uvnc\is-OAR7K.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-LPHC6.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-PD08O.tmp
- %ProgramFiles%\imPcRemote\unins.ini
- %ProgramFiles%\imPcRemote\is-784TL.tmp
- %ProgramFiles%\imPcRemote\is-1N0IR.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-EGQ44.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-QVQP4.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-565PQ.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-QMOAK.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-9N1B8.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-M1M0U.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-LLEMR.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-M6VHE.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-KMFCQ.tmp
- %ProgramFiles%\imPcRemote\unins000.dat
- %ALLUSERSPROFILE%\Start Menu\Programs\imPcRemote\Uninstall imPcRemote Tray.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\imPcRemote\imPcRemote.lnk
- %WINDIR%\inf\oem3.inf
- <SYSTEM32>\SETA.tmp
- <DRIVERS>\SET9.tmp
- %WINDIR%\inf\oem3.PNF
- %ProgramFiles%\imPcRemote\is-8PU2Q.tmp
- %ProgramFiles%\imPcRemote\stop
- %ProgramFiles%\imPcRemote\is-S356N.tmp
- %ProgramFiles%\imPcRemote\is-O1MPV.tmp
- %ProgramFiles%\imPcRemote\silent.ini
- %ProgramFiles%\imPcRemote\bckgrnd.jpg
- %ProgramFiles%\imPcRemote\brand.ico
- %ProgramFiles%\imPcRemote\brand.ini
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-90MK1.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-60M95.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\is-NRC0L.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-M41BK.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-1C0DT.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\is-3GKK5.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-CEC7R.tmp
- %ProgramFiles%\imPcRemote\is-6MS2P.tmp
- %TEMP%\RarSFX0\bckgrnd.jpg
- %TEMP%\RarSFX0\silent.ini
- %TEMP%\RarSFX0\impcremote_tray_setup.exe
- %TEMP%\RarSFX0\brand.ico
- %TEMP%\is-E1BI2.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-H2HQL.tmp\impcremote_tray_setup.tmp
- %TEMP%\RarSFX0\brand.ini
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-BSIQ1.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-6Q9O1.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\is-U55HS.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-HECKA.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-IC1AQ.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\is-B836P.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-AVK91.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-64CS9.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-2OVPE.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-COA4A.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-D9CRU.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\is-EU4RD.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-F1R5Q.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-8UEBP.tmp
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-N11UD.tmp
- %TEMP%\RarSFX0\bckgrnd.jpg
- %TEMP%\Cab11.tmp
- %TEMP%\CabF.tmp
- %TEMP%\RarSFX0\brand.ico
- %TEMP%\RarSFX0\silent.ini
- %TEMP%\RarSFX0\impcremote_tray_setup.exe
- %TEMP%\RarSFX0\brand.ini
- %TEMP%\CabD.tmp
- %TEMP%\Cab3.tmp
- %TEMP%\is-E1BI2.tmp\_isetup\_shfoldr.dll
- %ProgramFiles%\imPcRemote\stop
- %TEMP%\Cab5.tmp
- %TEMP%\CabB.tmp
- %TEMP%\Cab7.tmp
- %TEMP%\is-H2HQL.tmp\impcremote_tray_setup.tmp
- %ProgramFiles%\imPcRemote\uvnc\is-KMFCQ.tmp в %ProgramFiles%\imPcRemote\uvnc\logging.dll
- %ProgramFiles%\imPcRemote\uvnc\is-M1M0U.tmp в %ProgramFiles%\imPcRemote\uvnc\rpuvnc.exe
- %ProgramFiles%\imPcRemote\uvnc\is-M6VHE.tmp в %ProgramFiles%\imPcRemote\uvnc\logmessages.dll
- %ProgramFiles%\imPcRemote\uvnc\is-QVQP4.tmp в %ProgramFiles%\imPcRemote\uvnc\setcad.exe
- %ProgramFiles%\imPcRemote\uvnc\is-LLEMR.tmp в %ProgramFiles%\imPcRemote\uvnc\sas.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-IC1AQ.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\mv2.cat
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\is-B836P.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp64\setupdrv.exe
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-9N1B8.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\mv2.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-565PQ.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\mv2.sys
- %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\is-QMOAK.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp64\driver\mv2.inf
- %ProgramFiles%\imPcRemote\uvnc\is-PD08O.tmp в %ProgramFiles%\imPcRemote\uvnc\setcad64.exe
- %ProgramFiles%\imPcRemote\is-S356N.tmp в %ProgramFiles%\imPcRemote\Readme.txt
- %ProgramFiles%\imPcRemote\is-O1MPV.tmp в %ProgramFiles%\imPcRemote\imPcRemote.exe
- %ProgramFiles%\imPcRemote\is-8PU2Q.tmp в %ProgramFiles%\imPcRemote\imPcRemoteTray.exe
- <SYSTEM32>\SETA.tmp в <SYSTEM32>\mv2.dll
- <DRIVERS>\SET9.tmp в <DRIVERS>\mv2.sys
- %ProgramFiles%\imPcRemote\uvnc\is-OAR7K.tmp в %ProgramFiles%\imPcRemote\uvnc\SecureVNCPlugin.dsm
- %ProgramFiles%\imPcRemote\uvnc\is-LPHC6.tmp в %ProgramFiles%\imPcRemote\uvnc\vnchooks.dll
- %ProgramFiles%\imPcRemote\uvnc\is-EGQ44.tmp в %ProgramFiles%\imPcRemote\uvnc\ultravnc.ini
- %ProgramFiles%\imPcRemote\is-784TL.tmp в %ProgramFiles%\imPcRemote\ssleay32.dll
- %ProgramFiles%\imPcRemote\is-1N0IR.tmp в %ProgramFiles%\imPcRemote\libeay32.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\is-3GKK5.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista64\setupdrv.exe
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-CEC7R.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\mv2.sys
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-1C0DT.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\mv2.cat
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-COA4A.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\mv2.inf
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-D9CRU.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\mv2.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\is-NRC0L.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista\setupdrv.exe
- %ProgramFiles%\imPcRemote\is-6MS2P.tmp в %ProgramFiles%\imPcRemote\unins000.exe
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-60M95.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\mv2.cat
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-M41BK.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\mv2.inf
- %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\is-90MK1.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista\driver\mv2.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\is-2OVPE.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\vista64\driver\mv2.sys
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-6Q9O1.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\mv2.cat
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\is-U55HS.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp\setupdrv.exe
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-BSIQ1.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\mv2.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-AVK91.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\mv2.sys
- %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\is-HECKA.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\xp\driver\mv2.inf
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-N11UD.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\mv2.cat
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\is-EU4RD.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\w2k\setupdrv.exe
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-8UEBP.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\mv2.dll
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-64CS9.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\mv2.sys
- %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\is-F1R5Q.tmp в %ProgramFiles%\imPcRemote\uvnc\driver\w2k\driver\mv2.inf
- 'im####0.dtdns.net':5555
- 'www.download.windowsupdate.com':80
- 's0#.##pcremote.com':5555
- 'wp#d':80
- http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
- http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
- http://11#.#11.111.3/wpad.dat via wp#d
- DNS ASK wp#d
- DNS ASK www.download.windowsupdate.com
- DNS ASK s0#.##pcremote.com
- DNS ASK im####0.dtdns.net
- ClassName: '' WindowName: 'Software Installation'
- ClassName: '' WindowName: 'Hardware Installation'
- ClassName: 'EDIT' WindowName: ''