Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Adv_TopC' = '%PROGRAM_FILES%\AdvTopC\TCSearch.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\TCCheckAgent] 'Start' = '00000002'
- %PROGRAM_FILES%\AdvTopC\AdvTCApp.exe /r
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\AdvTopC\TCHelper.dll"
- %PROGRAM_FILES%\AdvTopC\TCCheckAgent.exe
- %PROGRAM_FILES%\AdvTopC\tcse.dat
- %PROGRAM_FILES%\AdvTopC\tcwhk.dll
- %PROGRAM_FILES%\AdvTopC\TCSearch.exe
- %PROGRAM_FILES%\AdvTopC\AdvTCApp.tlb
- %PROGRAM_FILES%\AdvTopC\AdvTCApp.exe
- %PROGRAM_FILES%\AdvTopC\TCUnins.exe
- %PROGRAM_FILES%\AdvTopC\TCHelper.dll
- 'we###ngad.com':80
- we###ngad.com/_app/tc_action3.php?pi####################################
- DNS ASK we###ngad.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'WerPingGood-Service Wnd'