Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'CPPopup' = '%PROGRAM_FILES%\ClearPC\CPPopup.exe'
- %PROGRAM_FILES%\ClearPC\CPPopup.exe
- %PROGRAM_FILES%\ClearPC\ClearPC.exe Icon
- %PROGRAM_FILES%\ClearPC\CPPopup.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\ClearPC\ClearPC.exe (загружен из сети Интернет)
- %HOMEPATH%\Start Menu\Programs\ClearPC\ClearPC.lnk
- %HOMEPATH%\Desktop\PCAOAuE ClearPC.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\ClearPC.lnk
- %HOMEPATH%\Start Menu\Programs\ClearPC\ClearPC A¦°A.lnk
- %PROGRAM_FILES%\ClearPC\ClearPC.dll2
- %PROGRAM_FILES%\ClearPC\ClearPC.exe2
- <SYSTEM32>\CPRemover.exe
- %PROGRAM_FILES%\ClearPC\CPPopup.exe2
- 'cl###pc.co.kr':80
- cl###pc.co.kr/ClearPC/CPPopup.exe
- cl###pc.co.kr/ClearPC/CPRemover.exe
- cl###pc.co.kr/api_result.php?mo##################################
- cl###pc.co.kr/ClearPC/setup.txt
- cl###pc.co.kr/ClearPC/ClearPC.exe
- cl###pc.co.kr/ClearPC/ClearPC.dll
- DNS ASK cl###pc.co.kr
- '<IP-адрес в локальной сети>':1037
- ClassName: '' WindowName: 'CPPopup '
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'ClearPC '