Analyzed by: Paul Steven Nadera


Trojan:Win32/Speesipro.A (Microsoft); Hoax.Win32.PCFixer.gen (Kaspersky)

Platform:

Windows

Overall risk rating:
Damage potential:
Distribution potential:
Reported infection:
Information exposure:
(Rating scale: Low, Medium, High, Critical)

  • Grayware type:
    Potentially Unwanted Application

  • Destructive:
    No

  • Encrypted:
    No

  • In the Wild:
    Yes

  Overview

Infection channel: Downloaded from the Internet, Dropped by other malware

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It connects to a certain website to send and receive information. It redirects browsers to certain websites.

  Technical details

File size: 4,610,224 bytes
File type: EXE
Memory resident: No
Initial samples received date: 15 June 2021
Payload: Connects to URLs/IPs, Downloads files

Arrival details

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Installation

Adds the following folders:

  • %Application Data%\efo
  • %Application Data%\efo\langs
  • %Program Files%\Advanced-PC-Care
  • %Program Files%\Advanced-PC-Care\langs
  • %ProgramData%\{BLOCKED}edpccare.net
  • %ProgramData%\{BLOCKED}edpccare.net\Advanced-PC-Care
  • %Program Files%\Advanced-PC-Care\x64

Drops the following files:

  • %Program Files%\Advanced-PC-Care\unins000.dat
  • %Program Files%\Advanced-PC-Care\unins000.exe
  • %Program Files%\Advanced-PC-Care\apc.exe
  • %Program Files%\Advanced-PC-Care\apc.exe.config
  • %Program Files%\Advanced-PC-Care\AppRes.dll
  • %Program Files%\Advanced-PC-Care\Microsoft.Win32.TaskScheduler.dll
  • %Program Files%\Advanced-PC-Care\ApcEng.dll
  • %Program Files%\Advanced-PC-Care\TaskScheduler.dll
  • %Program Files%\Advanced-PC-Care\NAudio.dll
  • %Program Files%\Advanced-PC-Care\TAFactory.IconPack.dll
  • %Program Files%\Advanced-PC-Care\Interop.IWshRuntimeLibrary.dll
  • %Program Files%\Advanced-PC-Care\x64\SQLite.Interop.dll
  • %Program Files%\Advanced-PC-Care\x86\SQLite.Interop.dll
  • %Program Files%\Advanced-PC-Care\System.Data.SQLite.DLL
  • %Program Files%\Advanced-PC-Care\HtmlRenderer.dll
  • %Program Files%\Advanced-PC-Care\HtmlRenderer.WinForms.dll
  • %ProgramData%\{BLOCKED}edpccare.net\Advanced-PC-Care\apc.db
  • %ProgramData%\{BLOCKED}edpccare.net\Advanced-PC-Care\apcstartrepair_en.mp3
  • %Program Files%\Advanced-PC-Care\langs\english_apc_en.ini
  • %Program Files%\Advanced-PC-Care\langs\danish_apc_da.ini
  • %Program Files%\Advanced-PC-Care\langs\Dutch_apc_nl.ini
  • %Program Files%\Advanced-PC-Care\langs\finish_apc_fi.ini
  • %Program Files%\Advanced-PC-Care\langs\French_apc_fr.ini
  • %Program Files%\Advanced-PC-Care\langs\german_apc_de.ini
  • %Program Files%\Advanced-PC-Care\langs\italian_apc_it.ini
  • %Program Files%\Advanced-PC-Care\langs\japanese_apc_ja.ini
  • %Program Files%\Advanced-PC-Care\langs\norwegian_apc_no.ini
  • %Program Files%\Advanced-PC-Care\langs\portuguese_apc_ptbr.ini
  • %Program Files%\Advanced-PC-Care\langs\russian_apc_ru.ini
  • %Program Files%\Advanced-PC-Care\langs\spanish_apc_es.ini
  • %Program Files%\Advanced-PC-Care\langs\swedish_apc_sv.ini
  • %Application Data%\efo\langs\english_efo_en.ini
  • %Application Data%\efo\langs\danish_efo_da.ini
  • %Application Data%\efo\langs\Dutch_efo_nl.ini
  • %Application Data%\efo\langs\finish_efo_fi.ini
  • %Application Data%\efo\langs\French_efo_fr.ini
  • %Application Data%\efo\langs\german_efo_de.ini
  • %Application Data%\efo\langs\italian_efo_it.ini
  • %Application Data%\efo\langs\japanese_efo_ja.ini
  • %Application Data%\efo\langs\norwegian_efo_no.ini
  • %Application Data%\efo\langs\portuguese_efo_ptbr.ini
  • %Application Data%\efo\langs\russian_efo_ru.ini
  • %Application Data%\efo\langs\spanish_efo_es.ini
  • %Application Data%\efo\langs\swedish_efo_sv.ini
  • %Public%\Desktop\Advanced-PC-Care.lnk
  • %Application Data%\{BLOCKED}edpccare.net\Advanced-PC-Care\Errorlog.txt
  • %Program Files%\Advanced-PC-Care\unins000.msg
  • %Application Data%\{BLOCKED}edpccare.net\Advanced-PC-Care\exlist.bin
  • %Common Programs%\Advanced-PC-Care\Advanced-PC-Care.lnk
  • %Common Programs%\Advanced-PC-Care\Buy Advanced-PC-Care.lnk
  • %Common Programs%\Advanced-PC-Care\Uninstall Advanced-PC-Care.lnk

Adds the following processes:

  • "%System%\taskkill.exe" /f /im "apc.exe"
  • "%System%\taskkill.exe" /f /im "AppVerifier.exe"
  • "%Program Files%\Advanced-PC-Care\apc.exe" getwebparam
  • "%Program Files%\Advanced-PC-Care\apc.exe" firstlaunch

(Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, and C:\Windows\System32 on Windows 2000 (32-bit), XP, Server 2003 (32-bit), Vista, 7, 8, 8.1, 2008 (64-bit), 2012 (64-bit) and 10 (64-bit). %Program Files% is the default Program Files folder, usually C:\Program Files.)

Other system modifications

Adds the following registry entries:

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care
utm_source = wpropjfg

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care
utm_campaign = wpropjfg

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_us = (877)-{BLOCKED}-7061

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_uk = (800)-{BLOCKED}-8430

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_gb = (800)-{BLOCKED}-8430

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_au = {BLOCKED}-{BLOCKED}-389

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_fr = (334)-{BLOCKED}7945

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_de = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_at = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_ch = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_lu = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_jp = {BLOCKED}-{BLOCKED}2-7

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_ja = {BLOCKED}-{BLOCKED}2-7

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
PurchaseURL = http://www.{BLOCKED}edpccare.net/apc/price.asp?

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
RenewURL = http://www.{BLOCKED}edpccare.net/apc/renewal.asp?

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
WebURL = http://www.{BLOCKED}edpccare.net/

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
EmailURL = {BLOCKED}cedpccare@support-geeks.com

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
supporturl = http://www.{BLOCKED}edpccare.net/help/

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care
Installstring = %Program Files%\Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Installstring = %Program Files%\Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}\
{base-64 encoded "Advanced-PC-Care"}\ACT
data = {Hex values}

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
reg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
expired = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
phone = (877)-883-7061

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
isphone = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
issilent = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
showefo = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
efosetting = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
country =

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
msl = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
pxl = WPR970_WPR952_RUNT

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
ipaddrurl = http://www.{BLOCKED}edpccare.com/getIpAddress.asp

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
paramurl = http://trkr.advancedpccare.com/ipfiles/

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
prereg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
showtn = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
ovoffdis = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
cta = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
delay = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
cbkpoff = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
showudurec = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
playsound = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
utm_source = wpropjfg

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone = (877)-883-7061

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: App Path = %Program Files%\Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
InstallLocation = %Program Files%\Advanced-PC-Care\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: Icon Group = Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: User = {User name}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: Language = {System language}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
DisplayName = Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
DisplayIcon = %Program Files%\Advanced-PC-Care\apc.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
UninstallString = "%Program Files%\Advanced-PC-Care\unins000.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
QuietUninstallString = "%Program Files%\Advanced-PC-Care\unins000.exe" /SILENT

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
DisplayVersion = 1.0.0.11232

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Publisher = advancedpccare.net

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
NoModify = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
NoRepair = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
InstallDate = {Installed software date}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
MajorVersion = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
MinorVersion = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
EstimatedSize = 9047

Download routine

Accesses the following websites to download files:

  • http://{BLOCKED}gcrew.net/assets/scripts/js3.js

Other details

Adds the following registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}\
{base-64 encoded "Advanced-PC-Care"}

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}\
{base-64 encoded "Advanced-PC-Care"}\ACT

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care\1.0.0.11232
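The folders, dropped files, shortcuts, registry keys and launched processes listed above are the host-side indicators an incident responder would check for. The following PowerShell triage function is an added example, not code from the Trend Micro entry: it resolves the page's %...% placeholders to the local host and reports which of those artifacts are present. The vendor key and ProgramData folder names are redacted on the page as {BLOCKED}edpccare.net, so those checks match on the visible "edpccare.net" suffix; the {UID} of the Inno Setup uninstall key is likewise unknown, so that check matches on the DisplayName and Publisher values the page records. The function and variable names are this example's own.

```powershell
# Added example (not from the Trend Micro entry): read-only triage for the
# Advanced-PC-Care artifacts listed on the page. Nothing is deleted; the
# function only returns what it finds so the result can be reviewed first.

function Find-AdvancedPcCareArtifacts {
    [CmdletBinding()]
    param()

    $hits = New-Object System.Collections.Generic.List[object]
    function Add-Hit([string]$Type, [string]$Indicator) {
        $hits.Add([pscustomobject]@{ Type = $Type; Indicator = $Indicator })
    }

    # Resolve the page's %Program Files%, %Application Data%, %ProgramData%,
    # %Public% and %Common Programs% placeholders to this host's locations.
    $commonPrograms = Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs'
    $filePaths = @(
        (Join-Path $env:ProgramFiles 'Advanced-PC-Care\apc.exe'),
        (Join-Path $env:ProgramFiles 'Advanced-PC-Care\unins000.exe'),
        (Join-Path $env:ProgramFiles 'Advanced-PC-Care\ApcEng.dll'),
        (Join-Path $env:APPDATA 'efo\langs'),
        (Join-Path $env:ProgramData '*edpccare.net\Advanced-PC-Care\apc.db'),   # redacted folder name
        (Join-Path $env:PUBLIC 'Desktop\Advanced-PC-Care.lnk'),
        (Join-Path $commonPrograms 'Advanced-PC-Care\Advanced-PC-Care.lnk')
    )
    if (${env:ProgramFiles(x86)}) {
        # Assumption: a 32-bit installer on 64-bit Windows lands in Program Files (x86).
        $filePaths += Join-Path ${env:ProgramFiles(x86)} 'Advanced-PC-Care\apc.exe'
    }
    foreach ($p in $filePaths) {
        # Test-Path accepts wildcards, which covers the redacted ProgramData folder.
        if (Test-Path -Path $p) { Add-Hit 'File' $p }
    }

    # Vendor registry keys; the page lists them under both HKLM and HKCU.
    foreach ($root in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\WOW6432Node', 'HKCU:\Software') {
        Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.PSChildName -like '*edpccare.net' } |
            ForEach-Object { Add-Hit 'RegistryKey' $_.Name }
    }

    # Inno Setup uninstall entry: the {UID} key name is unknown, so match on
    # the DisplayName / Publisher values recorded on the page.
    foreach ($u in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                   'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*') {
        Get-ItemProperty -Path $u -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -eq 'Advanced-PC-Care' -or $_.Publisher -eq 'advancedpccare.net' } |
            ForEach-Object { Add-Hit 'UninstallEntry' $_.PSPath }
    }

    # Live process: the page shows apc.exe launched with getwebparam / firstlaunch.
    Get-Process -Name apc -ErrorAction SilentlyContinue |
        ForEach-Object { Add-Hit 'Process' ("apc.exe PID {0}: {1}" -f $_.Id, $_.Path) }

    return $hits
}

$found = Find-AdvancedPcCareArtifacts
if ($found.Count -eq 0) {
    Write-Output 'No Advanced-PC-Care artifacts found.'
} else {
    $found | Format-Table -AutoSize
}
```

Run it in an elevated session so the HKLM and Program Files checks are not blocked by access rights; a hit on the uninstall entry alone confirms the installer ran, while a hit on the HKCU key or the %Application Data%\efo folder ties the installation to the currently logged-on user, which matters when deciding whether the removal steps below must be repeated per account.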

Connects to the following websites to send and receive information:

  • http://cc.{BLOCKED}cedpccare.net/wcfCountryPricing/countrypricing.svc/GetCountryCode
  • http://www.{BLOCKED}edpccare.com/getIpAddress.asp
  • https://www.{BLOCKED}mains.com/domain_profile.cfm?d=advancedpccare&e=com
  • http://trkr.{BLOCKED}edpccare.com/ipfiles/{URL-encoded HTML of a HugeDomains "AdvancedPcCare.com is for sale" parking page, appended verbatim to the path; truncated in the source}
  • http://ww12.{BLOCKED}edpccare.net/
  • http://ww12.{BLOCKED}edpccare.net/track.php?domain=advancedpccare.net&toggle=browserjs&uid={UID}
  • http://ww12.{BLOCKED}edpccare.net/ls.php

Redirects browsers to the following websites:

  • http://dp.g.{BLOCK}click.net/apps/domainpark/domainpark.cgi?client=ca-dp-teaminternet09_3ph&channel=000002,bucket052&domain_name=advancedpccare.net&output=html&drid={uid}

It does the following:

  • Uses the following user interface (screenshot not included in the source):

  Solution

Minimum scan engine: 9.800
SSAPI Pattern File: 2.417.00
SSAPI Pattern Release Date: 17 June 2021

Step 1

For Windows ME and XP users: before doing any scans, make sure you disable System Restore so that the entire computer can be scanned.

Step 2

Note that not all files, folders, and registry keys and entries are installed on your computer while this malware/spyware/grayware is running. This may be due to incomplete installation or other operating system conditions. Proceed to the next step.

Step 3

Close all opened browser windows.

Step 4

Remove PUA.Win32.PCFixer.B by using its own uninstall option.

Uninstall the grayware process.

Step 5

Scan your computer with your Trend Micro product and delete files detected as PUA.Win32.PCFixer.B. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further steps are required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.

