Техническая информация
- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '%PROGRAM_FILES%\alggui.exe "%1" %*'
- [<HKLM>\SYSTEM\ControlSet001\Services\AdbUpd] 'Start' = '00000002'
- %PROGRAM_FILES%\svchost.exe
- %PROGRAM_FILES%\Your PC Protector\Your PC Protector.exe
- iexplore.exe
- %TEMP%\win2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\action3[1]
- %PROGRAM_FILES%\wp3.dat
- %PROGRAM_FILES%\alggui.exe
- %PROGRAM_FILES%\adc32.dll
- %PROGRAM_FILES%\nuar.old
- %HOMEPATH%\Desktop\Your PC Protector.lnk
- %HOMEPATH%\Start Menu\Programs\Your PC Protector\Your PC Protector.lnk
- %PROGRAM_FILES%\Your PC Protector\Your PC Protector.exe
- %TEMP%\win1.tmp
- %PROGRAM_FILES%\wp4.dat
- %PROGRAM_FILES%\svchost.exe
- %TEMP%\win1.tmp
- 'ti##.nist.gov':123
- 'nt##.#s.wisc.edu':123
- 'nt##.#bg.netnod.se':123
- 'ti##.#indows.com':123
- 'localhost':1039
- 'co######.#cademyinvestigation.com':80
- co######.#cademyinvestigation.com/stat/action3.cgi?p=########
- DNS ASK ti##.nist.gov
- DNS ASK nt##.#s.wisc.edu
- DNS ASK nt##.#bg.netnod.se
- DNS ASK co######.#cademyinvestigation.com
- DNS ASK ti##.#indows.com
- 'localhost':1046
- 'localhost':1049
- 'localhost':1048
- 'localhost':1047
- 'localhost':1045
- 'localhost':1041
- 'localhost':1038
- 'localhost':1042
- 'localhost':1044
- 'localhost':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''