Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Ad-Aware Browsing Protection' = '"%ALLUSERSPROFILE%\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"'
- %ALLUSERSPROFILE%\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
- %TEMP%\nsy3.tmp\temp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\postdata[1].htm
- %TEMP%\nsy3.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\adaware[1].xml
- %ALLUSERSPROFILE%\Application Data\Ad-Aware Browsing Protection\uninstall.exe
- %TEMP%\nsy3.tmp\AccessControl.dll
- %TEMP%\nsy3.tmp\System.dll
- %TEMP%\nsy3.tmp\UAC.dll
- %TEMP%\nsi2.tmp
- %ALLUSERSPROFILE%\Application Data\Ad-Aware Browsing Protection\adawarebp.dll
- %ALLUSERSPROFILE%\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
- %ALLUSERSPROFILE%\Application Data\Ad-Aware Browsing Protection\guid.dat
- %TEMP%\nsy3.tmp\temp
- %TEMP%\nsy3.tmp\UAC.dll
- %TEMP%\nsy3.tmp\System.dll
- %TEMP%\nsy3.tmp\AccessControl.dll
- %TEMP%\nsy3.tmp\inetc.dll
- 'to#####.lavasoft.com':80
- 'vi############ishing-adaware.applicationstat.com':80
- to#####.lavasoft.com/browsingprotection/update/adaware.xml
- vi############ishing-adaware.applicationstat.com/postdata.php
- DNS ASK to#####.lavasoft.com
- DNS ASK vi############ishing-adaware.applicationstat.com
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''