Analysis by: Paul Steven Nadera

 Aliases:

Trojan:Win32/Speesipro.A (Microsoft); Hoax.Win32.PCFixer.gen (Kaspersky)

 Platform:

Windows

 Overall risk rating:
 Damage potential:
 Distribution potential:
 Reported infections:
 Information exposure:

  • Threat type:
    Potentially Unwanted Application

  • Destructive:
    No

  • Encrypted:
    No

  • In the wild:
    Yes

  Overview

Infection channel: Downloaded from the Internet, Dropped by other malware

This program arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It connects to certain websites to send and receive information. It also redirects users to certain websites.

  Details

File size: 4,610,224 bytes
File type: EXE
Memory resident: No
Initial samples received: June 15, 2021
Payload: Connects to URLs/IPs, Downloads files

Arrival Details

This program arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Installation

This program adds the following folders:

  • %Application Data%\efo
  • %Application Data%\efo\langs
  • %Program Files%\Advanced-PC-Care
  • %Program Files%\Advanced-PC-Care\langs
  • %ProgramData%\{BLOCKED}edpccare.net
  • %ProgramData%\{BLOCKED}edpccare.net\Advanced-PC-Care
  • %Program Files%\Advanced-PC-Care\x64

It drops the following files:

  • %Program Files%\Advanced-PC-Care\unins000.dat
  • %Program Files%\Advanced-PC-Care\unins000.exe
  • %Program Files%\Advanced-PC-Care\apc.exe
  • %Program Files%\Advanced-PC-Care\apc.exe.config
  • %Program Files%\Advanced-PC-Care\AppRes.dll
  • %Program Files%\Advanced-PC-Care\Microsoft.Win32.TaskScheduler.dll
  • %Program Files%\Advanced-PC-Care\ApcEng.dll
  • %Program Files%\Advanced-PC-Care\TaskScheduler.dll
  • %Program Files%\Advanced-PC-Care\NAudio.dll
  • %Program Files%\Advanced-PC-Care\TAFactory.IconPack.dll
  • %Program Files%\Advanced-PC-Care\Interop.IWshRuntimeLibrary.dll
  • %Program Files%\Advanced-PC-Care\x64\SQLite.Interop.dll
  • %Program Files%\Advanced-PC-Care\x86\SQLite.Interop.dll
  • %Program Files%\Advanced-PC-Care\System.Data.SQLite.DLL
  • %Program Files%\Advanced-PC-Care\HtmlRenderer.dll
  • %Program Files%\Advanced-PC-Care\HtmlRenderer.WinForms.dll
  • %ProgramData%\{BLOCKED}edpccare.net\Advanced-PC-Care\apc.db
  • %ProgramData%\{BLOCKED}edpccare.net\Advanced-PC-Care\apcstartrepair_en.mp3
  • %Program Files%\Advanced-PC-Care\langs\english_apc_en.ini
  • %Program Files%\Advanced-PC-Care\langs\danish_apc_da.ini
  • %Program Files%\Advanced-PC-Care\langs\Dutch_apc_nl.ini
  • %Program Files%\Advanced-PC-Care\langs\finish_apc_fi.ini
  • %Program Files%\Advanced-PC-Care\langs\French_apc_fr.ini
  • %Program Files%\Advanced-PC-Care\langs\german_apc_de.ini
  • %Program Files%\Advanced-PC-Care\langs\italian_apc_it.ini
  • %Program Files%\Advanced-PC-Care\langs\japanese_apc_ja.ini
  • %Program Files%\Advanced-PC-Care\langs\norwegian_apc_no.ini
  • %Program Files%\Advanced-PC-Care\langs\portuguese_apc_ptbr.ini
  • %Program Files%\Advanced-PC-Care\langs\russian_apc_ru.ini
  • %Program Files%\Advanced-PC-Care\langs\spanish_apc_es.ini
  • %Program Files%\Advanced-PC-Care\langs\swedish_apc_sv.ini
  • %Application Data%\efo\langs\english_efo_en.ini
  • %Application Data%\efo\langs\danish_efo_da.ini
  • %Application Data%\efo\langs\Dutch_efo_nl.ini
  • %Application Data%\efo\langs\finish_efo_fi.ini
  • %Application Data%\efo\langs\French_efo_fr.ini
  • %Application Data%\efo\langs\german_efo_de.ini
  • %Application Data%\efo\langs\italian_efo_it.ini
  • %Application Data%\efo\langs\japanese_efo_ja.ini
  • %Application Data%\efo\langs\norwegian_efo_no.ini
  • %Application Data%\efo\langs\portuguese_efo_ptbr.ini
  • %Application Data%\efo\langs\russian_efo_ru.ini
  • %Application Data%\efo\langs\spanish_efo_es.ini
  • %Application Data%\efo\langs\swedish_efo_sv.ini
  • %Public%\Desktop\Advanced-PC-Care.lnk
  • %Application Data%\{BLOCKED}edpccare.net\Advanced-PC-Care\Errorlog.txt
  • %Program Files%\Advanced-PC-Care\unins000.msg
  • %Application Data%\{BLOCKED}edpccare.net\Advanced-PC-Care\exlist.bin
  • %Common Programs%\Advanced-PC-Care\Advanced-PC-Care.lnk
  • %Common Programs%\Advanced-PC-Care\Buy Advanced-PC-Care.lnk
  • %Common Programs%\Advanced-PC-Care\Uninstall Advanced-PC-Care.lnk

It adds the following processes:

  • "%System%\taskkill.exe" /f /im "apc.exe"
  • "%System%\taskkill.exe" /f /im "AppVerifier.exe"
  • "%Program Files%\Advanced-PC-Care\apc.exe" getwebparam
  • "%Program Files%\Advanced-PC-Care\apc.exe" firstlaunch

(Note: %System% is the Windows system folder, usually C:\Windows\System32 on every version of Windows. %Program Files% is the default Program Files folder: C:\Program Files on 32-bit Windows and for 64-bit programs on 64-bit Windows (Windows 2000, XP, Vista, 7, 8, 8.1, 10 and Server 2003, 2008, 2012), and C:\Program Files (x86) for 32-bit programs on the 64-bit editions of those same versions. Because the two locations differ, the file indicators above should be checked under both.)
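The indicators above use placeholder folders, while endpoint telemetry records concrete paths that differ by Windows bitness as the note explains. The following Python is an added example, not part of this report or of the program it describes: it maps concrete paths back to the report's placeholders and then matches process-creation events against the four command lines listed under Installation, including the order in which they run. The Sysmon-style event records are constructed to mirror those command lines (the field names Image and CommandLine are assumed), and the file list is a subset of the paths above.

```python
import re
from typing import Iterable, Optional

# Concrete Windows folders mapped back to the %...% placeholders used in the
# report above, so its file and process indicators can be compared verbatim.
# Order matters: "C:\Program Files (x86)", where a 32-bit program lands on
# 64-bit Windows, must be tried before the plain "C:\Program Files" prefix,
# and the Start Menu folder before the plain "C:\ProgramData" prefix.
PLACEHOLDERS = [
    (r"C:\Program Files (x86)", "%Program Files%"),
    (r"C:\Program Files", "%Program Files%"),
    (r"C:\Windows\SysWOW64", "%System%"),
    (r"C:\Windows\System32", "%System%"),
    (r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs", "%Common Programs%"),
    (r"C:\ProgramData", "%ProgramData%"),
    (r"C:\Users\Public", "%Public%"),
]
# Per-user roaming profile: the user name varies, so a regex is needed.
APPDATA_RE = re.compile(r"^C:\\Users\\[^\\]+\\AppData\\Roaming", re.I)


def normalize_path(path: str) -> str:
    """Replace a concrete folder prefix with the report's placeholder."""
    if APPDATA_RE.match(path):
        return APPDATA_RE.sub("%Application Data%", path, count=1)
    lowered = path.lower()
    for prefix, placeholder in PLACEHOLDERS:
        if lowered.startswith(prefix.lower()):
            return placeholder + path[len(prefix):]
    return path


# Command lines listed under "Installation": placeholder image path, regex
# over the arguments, and a label for the hit.
PROCESS_INDICATORS = [
    (r"%System%\taskkill.exe",
     re.compile(r'/f\s+/im\s+"?(apc|AppVerifier)\.exe"?', re.I), "taskkill"),
    (r"%Program Files%\Advanced-PC-Care\apc.exe",
     re.compile(r"\b(getwebparam|firstlaunch)\b", re.I), "apc"),
]

# A few of the dropped files and shortcuts listed above, in placeholder form.
FILE_INDICATORS = {p.lower() for p in (
    r"%Program Files%\Advanced-PC-Care\apc.exe",
    r"%Program Files%\Advanced-PC-Care\unins000.exe",
    r"%Public%\Desktop\Advanced-PC-Care.lnk",
    r"%Common Programs%\Advanced-PC-Care\Advanced-PC-Care.lnk",
)}


def match_file(path: str) -> bool:
    """True when a concrete file path is one of the listed indicators."""
    return normalize_path(path).lower() in FILE_INDICATORS


def match_process(event: dict) -> Optional[str]:
    """Return 'label:argument' for a matching process-creation event (Sysmon
    Event ID 1 style dict with Image and CommandLine fields), else None."""
    image = normalize_path(event["Image"])
    for wanted, arg_re, label in PROCESS_INDICATORS:
        if image.lower() != wanted.lower():
            continue
        m = arg_re.search(event["CommandLine"])
        if m:
            return f"{label}:{m.group(1).lower()}"
    return None


def scan_events(events: Iterable[dict]) -> list:
    """Labels of all matching events, in the order they occurred."""
    return [hit for hit in (match_process(e) for e in events) if hit]


def installer_sequence_seen(events: Iterable[dict]) -> bool:
    """True when the report's install sequence appears in order: kill any
    running apc.exe, run apc.exe getwebparam, then apc.exe firstlaunch."""
    expected = ["taskkill:apc", "apc:getwebparam", "apc:firstlaunch"]
    pos = 0
    for hit in scan_events(events):
        if pos < len(expected) and hit == expected[pos]:
            pos += 1
    return pos == len(expected)


# Constructed Sysmon-style records mirroring the command lines above, on a
# 64-bit host where the program installed under Program Files (x86).
# Not real telemetry.
APC = r"C:\Program Files (x86)\Advanced-PC-Care\apc.exe"
TASKKILL = r"C:\Windows\System32\taskkill.exe"
SAMPLE_EVENTS = [
    {"Image": TASKKILL, "CommandLine": f'"{TASKKILL}" /f /im "apc.exe"'},
    {"Image": TASKKILL, "CommandLine": f'"{TASKKILL}" /f /im "AppVerifier.exe"'},
    {"Image": APC, "CommandLine": f'"{APC}" getwebparam'},
    {"Image": APC, "CommandLine": f'"{APC}" firstlaunch'},
    {"Image": TASKKILL, "CommandLine": f'"{TASKKILL}" /f /im "notepad.exe"'},  # benign
    {"Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r'"C:\Windows\System32\notepad.exe" notes.txt'},          # benign
]

if __name__ == "__main__":
    print(scan_events(SAMPLE_EVENTS))
    print("install sequence:", installer_sequence_seen(SAMPLE_EVENTS))
```

The sequence check is stricter than matching any single command line: taskkill against a process named apc.exe is unremarkable on its own, but followed by apc.exe getwebparam and apc.exe firstlaunch from under Program Files it is the installer described above.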

Other System Modifications

It adds the following registry entries:

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care
utm_source = wpropjfg

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care
utm_campaign = wpropjfg

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_us = (877)-{BLOCKED}-7061

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_uk = (800)-{BLOCKED}-8430

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_gb = (800)-{BLOCKED}-8430

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_au = {BLOCKED}-{BLOCKED}-389

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_fr = (334)-{BLOCKED}7945

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_de = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_at = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_ch = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_lu = (800)-{BLOCKED}-0926

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_jp = {BLOCKED}-{BLOCKED}2-7

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone_ja = {BLOCKED}-{BLOCKED}2-7

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
PurchaseURL = http://www.{BLOCKED}edpccare.net/apc/price.asp?

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
RenewURL = http://www.{BLOCKED}edpccare.net/apc/renewal.asp?

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
WebURL = http://www.{BLOCKED}edpccare.net/

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
EmailURL = {BLOCKED}cedpccare@support-geeks.com

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
supporturl = http://www.{BLOCKED}edpccare.net/help/

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care
Installstring = %Program Files%\Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Installstring = %Program Files%\Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}\
{base-64 encoded "Advanced-PC-Care"}\ACT
data = {Hex values}

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
reg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
expired = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
phone = (877)-883-7061

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
isphone = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
issilent = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
showefo = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
efosetting = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
country =

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
msl = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
pxl = WPR970_WPR952_RUNT

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
ipaddrurl = http://www.{BLOCKED}edpccare.com/getIpAddress.asp

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
paramurl = http://trkr.advancedpccare.com/ipfiles/

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
prereg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
showtn = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
ovoffdis = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
cta = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
delay = 0

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
cbkpoff = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
showudurec = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
playsound = 1

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
utm_source = wpropjfg

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net\
Advanced-PC-Care
Phone = (877)-883-7061

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: App Path = %Program Files%\Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
InstallLocation = %Program Files%\Advanced-PC-Care\

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: Icon Group = Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: User = {User name}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Inno Setup: Language = {System language}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
DisplayName = Advanced-PC-Care

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
DisplayIcon = %Program Files%\Advanced-PC-Care\apc.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
UninstallString = "%Program Files%\Advanced-PC-Care\unins000.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
QuietUninstallString = "%Program Files%\Advanced-PC-Care\unins000.exe" /SILENT

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
DisplayVersion = 1.0.0.11232

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
Publisher = advancedpccare.net

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
NoModify = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
NoRepair = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
InstallDate = {Installed software date}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
MajorVersion = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
MinorVersion = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}
EstimatedSize = 9047

Download Routine

It accesses the following website to download files:

  • http://{BLOCKED}gcrew.net/assets/scripts/js3.js

Other Details

It adds the following registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\{BLOCKED}edpccare.net

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}\
{base-64 encoded "Advanced-PC-Care"}

HKEY_LOCAL_MACHINE\SOFTWARE\{base-64 encoded "{BLOCKED}edpccare.net"}\
{base-64 encoded "Advanced-PC-Care"}\ACT

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
{UID}

HKEY_CURRENT_USER\Software\{BLOCKED}edpccare.net\
Advanced-PC-Care\1.0.0.11232
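The ACT key above is stored under base64-encoded forms of the vendor host name and the product name, so a plain-text search of the registry for the vendor string misses it (its data value holds the hex blob listed earlier). The following Python is an added example, not part of this report: it decodes every key-path component that is well-formed base64 yielding printable text and flags paths whose decoded form exposes a watchlist string that the original path did not. The sample key paths are constructed from the keys listed above, with the base64 forms written out and the vendor host name as it appears in the Publisher value.

```python
import base64
import binascii
import re
from typing import Iterable, List, Optional, Tuple

# Strings whose appearance in a decoded key name is worth flagging: the vendor
# host name from the Publisher value and the product name used throughout.
WATCHLIST = ("advancedpccare.net", "advanced-pc-care")
B64_CHARS = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")


def try_b64_decode(component: str) -> Optional[str]:
    """Decode one key-path component if it is well-formed base64 that yields
    printable UTF-8 text; anything else (ACT, SOFTWARE, {UID}, ...) gives None."""
    if len(component) % 4 or not B64_CHARS.match(component):
        return None
    try:
        text = base64.b64decode(component, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    return text if text and text.isprintable() else None


def decode_key_path(key_path: str) -> str:
    """Rewrite a registry key path with every base64 component decoded."""
    parts = []
    for comp in key_path.split("\\"):
        decoded = try_b64_decode(comp)
        parts.append(decoded if decoded is not None else comp)
    return "\\".join(parts)


def flag_key_paths(key_paths: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (original, decoded) for paths whose decoded form contains a
    watchlist string that the original path did not, i.e. a vendor or product
    name hidden behind base64 rather than written in the clear."""
    hits = []
    for kp in key_paths:
        decoded = decode_key_path(kp)
        lo, lo_dec = kp.lower(), decoded.lower()
        if any(w in lo_dec and w not in lo for w in WATCHLIST):
            hits.append((kp, decoded))
    return hits


# Constructed from the keys listed above, with the base64 forms written out
# and the vendor host name taken from the Publisher value. Not a registry dump.
SAMPLE_KEYS = [
    r"HKEY_LOCAL_MACHINE\SOFTWARE\advancedpccare.net\Advanced-PC-Care",
    r"HKEY_CURRENT_USER\Software\advancedpccare.net\Advanced-PC-Care\1.0.0.11232",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\YWR2YW5jZWRwY2NhcmUubmV0\QWR2YW5jZWQtUEMtQ2FyZQ==\ACT",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{UID}",
]

if __name__ == "__main__":
    for original, decoded in flag_key_paths(SAMPLE_KEYS):
        print(original, "->", decoded)
```

Ordinary key names such as SOFTWARE or Microsoft either fail the length check or decode to bytes that are not valid UTF-8, so they pass through untouched; only the two encoded components resolve, which is what lets the ACT key be tied back to the plain-text keys beside it.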

It connects to the following websites to send and receive information:

  • http://cc.{BLOCKED}cedpccare.net/wcfCountryPricing/countrypricing.svc/GetCountryCode
  • http://www.{BLOCKED}edpccare.com/getIpAddress.asp
  • https://www.{BLOCKED}mains.com/domain_profile.cfm?d=advancedpccare&e=com
  • http://trkr.{BLOCKED}edpccare.com/ipfiles/%3C!DOCTYPE%20html%3E%0A%3Chtml%20lang=%22en%22%3E%0A%3Chead%3E%0A%3Cmeta%20http-equiv=%22Content-Type%22%20content=%22text/html%20charset=UTF-8%22%3E%0A%0A%3Cmeta%20name=%22viewport%22%20content=%22width=device-width,%20initial-scale=1,%20shrink-to-fit=no%22%3E%0A%3Clink%20rel=%22stylesheet%22%20href=%22https://cdn_jsdelivr_net/gh/fancyapps/fancybox@3_5_7/dist/jquery_fancybox_min_css%22%20/%3E%0A%3Clink%20rel=%22stylesheet%22%20href=%22https://static_HugeDomains_com/css/hdv3-css/reboot_min_css%22%3E%0A%3Clink%20rel=%22stylesheet%22%20href=%22https://static_HugeDomains_com/css/hdv3-css/style_css?aa=2020-10-10%22%3E%0A%3Clink%20rel=%22stylesheet%22%20href=%22https://static_HugeDomains_com/css/hdv3-css/responsive_css?aa=2020-10-10%22%3E%0A%3Cmeta%20property=%22og:site_name%22%20content=%22HugeDomains%22%3E%0A%3Cmeta%20property=%22og:type%22%20content=%22website%22%3E%0A%3Cmeta%20property=%22og:image%22%20content=%22https://static_HugeDomains_com/images/hdv3-img/og_hugedomains_png%22%20/%3E%0A%3Ctitle%3EAdvancedPcCare_com%20is%20for%20sale%20%7C%20HugeDomains%3C/title%3E%0A%3Cmeta%20property=%22og:title%22%20content=%22AdvancedPcCare_com%20is%20for%20sale%20%7C%20HugeDomains%22%20/%3E%0A%3Cmeta%20property=%22og:url%22%20content=%22https://www_HugeDomains_com/domain_profile_cfm?d=AdvancedPcCare_com%22%20/%3E%0A%3Clink%20rel=%22canonical%22%20href=%22https://www_HugeDomains_com/domain_profile_cfm?d=AdvancedPcCare_com%22%20/%3E%0A%3Cmeta%20property=%22og:description%22%20content=%22Friendly%20and%20helpful%20customer%20support%20that%20goes%20above%20and%20beyond_%20We%20help%20you%20get%20the%20perfect%20domain%20name_%22%20/%3E%0A%3Cmeta%20name=%22description%22%20content=%22Friendly%20and%20helpful%20customer%20support%20that%20goes%20above%20and%20beyond_%20We%20help%20you%20get%20the%20perfect%20domain%20name_%22%20/%3E%0A%3Clink%20rel=%22stylesheet%22%20href=%22https://fonts_googleapis_com/css?family=Noto+Sans:400,700&display=swap%22%3E%0A%3Clink%20rel=%22stylesheet%22%20href=%22https://use_typekit_net/zyw6mds_css%22%3E%0A%0A%3Cscript%20async%20src=%22https://www_googletagmanager_com/gtag/js?id=UA-7117339-4%22%3E%3C/script%3E%0A%3Cscript%3E%0D%0Awindow_dataLayer%20=%20window_dataLayer%20%7C%7C%20%5B%5D%0D%0Afunction%20gtag()%7BdataLayer_push(arguments)%7D%0D%0Agtag('js',%20new%20Date())%0D%0A/*%20gtag('config',%20'UA-7117339-4')%20*/%0D%0Agtag('config',%20'UA-7117339-4',%20%7B%0D%0A'custom_map':%20%7B%0D%0A'dimension3':%20'siteversion'%0D%0A%7D%0D%0A%7D)%0D%0Agtag('event',%20'pageLoad',%20%7B%20'siteversion':%20'HDv3'%20%7D)%0D%0A%3C/script%3E%0A%3Cscript%20async%20src='/cdn-cgi/bm/cv/669835187/api_js'%3E%3C/script%3E%3C/head%3E%0A%3Cbody%3E%0A%3Cheader%20id=%22header%22%3E%0A%3Cdiv%20class=%22js-overlay-modal%20overlay-modal%22%3E%3C/div%3E%0A%3Cdiv%20class=%22container%22%3E%0A%3Cdiv%20class=%22header-top%20d-flex%20ai-center%22%3E%0A%3Cdiv%20class=%22navBurger%22%20role=%22navigation%22%20id=%22navToggle%22%3E%3C/div%3E%0A%3Ca%20class=%22logo%22%20href=%22https://www_HugeDomains_com/index_cfm%22%3E%3Cimg%20src=%22https://static_HugeDomains_com/images/hdv3-img/hugedomains_logo_svg%22%20alt=%22logo%22%20class=%22img-fluid%22%3E%3C/a%3E%0A%3Cdiv%20class=%22d-flex%20ai-center%20jc-end%22%3E%0A%3Cdiv%20class=%22search-trigger%20%22%3E%3Cscript%20type=%22text/javascript%22%20style=%22display:none%22%3E%0A//%3C!%5BCDATA%5B%0Awindow___mirage2%20=%20%7Bpetok:%22dc910f8f0f06bb7b988e52cd1901ac53b32aa025-1624269408-1800%22%7D%0A//%5D%5D%3E%0A%3C/script%3E%0A%3Cscript%20type=%22text/javascript%22%20src=%22https://ajax_cloudflare_com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2_min_js%22%3E%3C/script%3E%0A%3Cimg%20data-cfsrc=%22https://static_HugeDomains_com/images/hdv3-img/search-icon_png%22%20alt=%22%22%20style=%22display:nonevisibility:hidden%22%3E%3Cnoscript%3E%3Cimg%20src=%22https://static_HugeDomains_com/images/hdv3-img/search-icon_png%22%20alt=%22%22%3E%3C/noscript%3E%3C/div%3E%0A%3Cdiv%20class=%22search-box%20%22%3E%0A%0A%3Cform%20action=%22https://www_HugeDomains_com/domain_search_cfm%22%20method=%22get%22%20class=%22search-form%22%20id=%22siteHeaderFormSearchID%22%3E%0A%3Cinput%20type=%22text%22%20name=%22domain_name%22%20value=%22%22%20class=%22search-input%22%3E%0A%3Cbutton%20type=%22submit%22%20value=%22%22%20class=%22search-btn%22%20onClick=%22hdv3HeaderSearchSubmitFunc()%20return%20false%20%22%20style=%22min-width:90px%20height:35px%22%20id=%22hdv3HeaderSearchButtonID%22%3ESearch%3C/button%3E%0A%3Cbutton%20type=%22button%22%20value=%22%22%20id=%22hdv3HeaderSearchProcessingID%22%20class=%22search-btn%20btn%20hiddenAtLoad%20width50%22%20onclick=%22return%20false%22%20style=%22%20height:35px%20min-width:90px%20width:90px%20padding-left:0px%20padding-right:0px%20padding-bottom:0px%20padding-top:0px%20margin-bottom:0px%20overflow:hidden%22%3E%0A%3Cdiv%20id=%22circularG%22%20style=%22margin-left:0px%20margin-right:0px%20margin-top:2px%22%3E%0A%3Cdiv%20id=%22circularG_1%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_2%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_3%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_4%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_5%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_6%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_7%22%20class=%22circularG%22%3E%3C/div%3E%0A%3Cdiv%20id=%22circularG_8%22%20class=%22circularG%22%3E%3C/div%3E%0A%3C/div%3E%0A%3C/button%3E%0A%3C/form%3E%0A%3C/div%3E%0A%3Cspan%20class=%22questions%22%3EQuestions?%3C/span%3E%3Ca%20href=%22tel:1-303-893-0552%22%20class=%22header-tel%22%3E%3Cimg%20data-cfsrc=%22https://static_HugeDomains_com/images/hdv3-img/phone-icon_png%22%20alt=%22%22%20style=%22display:nonevisibility:hidden%22%3E%3Cnoscript%3E%3Cimg%20src=%22https://static_HugeDomains_com/images/hdv3-img/phone-icon_png%22%20alt=%22%22%3E%3C/noscript%3E%3Cspan%20class=%22tell-text%22%3E+1-303-893-0552%3C/span%3E%3C/a%3E%0A%3C/div%3E%0A%3C/div%3E%0A%3C/div%3E%0A%3Cnav%20class=%22navbar%22%3E%0A%3Cdiv%20class=%22overlay%22%3E%0A%3Cdiv%20class=%22overlayMenu%20d-flex%20ai-center%20jc-between%22%3E%0A%3Cul%20class=%22navbar-nav%22%3E%0A%3Cli%20class=%22nav-item%22%3E%0A%3Ca%20class=%22nav-link%22%20href=%22https://www_HugeDomains_com/index_cfm%22%3EHome%3C/a%3E%0A%3C/li%3E%0A%3Cli%20class=%22nav-item%22%3E%0A%3Ca%20class=%22nav-link%22%20href=%22https://www_HugeDomains_com/faq_cfm%22%3EFAQs%3C/a%3E%0A%3C/li%3E%0A%3Cli%20class=%22nav-item%22%3E%0A%3Ca%20class=%22nav-link%22%20href=%22https://www_HugeDomains_com/about_cfm%22%3EAbout%20us%3C/a%3E%0A%3C/li%3E%0A%3Cli%20class=%22nav-item%22%3E%0A%3Ca%20class=%22nav-link%22%20href=%22https://www_HugeDomains_com/contact_cfm%22%3EContact%20us%3C/a%3E%0A%3C/li%3E%0A%3Cli%20class=%22nav-item%22%3E%0A%3Ca%20href=%22https://www_HugeDomains_com/payment-plan-login_cfm%22%20class=%22nav-link%22%3EMy%20account%3C/a%3E%0A%3C/li%3E%0A%3C/ul%3E%0A%3Cdiv%20class=%22shop-links%22%3E%0A%3Ca%20href=%22https://www_HugeDomains_com/shopping_cart_cfm%22%20class=%22cart-link%22%3EShopping%20cart%3C/a%3E%0A%3Cdiv%20class=%22cart-icon%20empty-cart%20%22%20id=%22hdv3HeaderCartIconDivID%22%3E%3Cimg%20data-cfsrc=%22https://static_HugeDomains_com/images/hdv3-img/cart_png%22%20alt=%22%22%20onclick=%22document_location%20=%20'https://www_HugeDomains_com/shopping_cart_cfm'%22%20data-cfstyle=%22cursor:%20pointer%22%20style=%22display:nonevisibility:hidden%22%3E%3Cnoscript%3E%3Cimg%20src=%22https://static_HugeDomains_com/images/hdv3-img/cart_png%22%20alt=%22%22%20onclick=%22document_location%20=%20'https://www_HugeDomains_com/shopping_cart_cfm'%22%20style=%22cursor:%20pointer%22%3E%3C/noscript%3E%3Cspan%20class=%22cart-number%20hiddenAtLoad%22%20id=%22hdv3CartNumberSpanID%22%20onclick=%22document_location%20=%20'https://www_HugeDomains_com/shopping_cart_cfm'%22%20style=%22cursor:%20pointer%22%3E%3C/span%3E%3C/div%3E%0A%3C/div%3E%0A%3C/div%3E%0A%3C/div%3E%0A%3C/nav%3E%0A%3C/header%3E%0A%3Cmain%20class=%22site-main%20%22%3E%0A%0A%0A%3Cdiv%20class=%22slide-sidebar-block%20save-100%20sumary-pp%20two-btn-block%20dn%22%3E%0A%3Cdiv%20class=%22ss-block-inner%22%3E%0A%3Cspan%20class=%22ss-block-title%20green%22%3EAdvancedPcCare_com%3C/span%3E%0A%3Cspan%20class=%22row-save%20save-footer-row%22%3E%0A%3Cspan%3EBuy%20now%20%3Cspan%20class=%22green%22%3E%3Cb%3E$4,795%3C/b%3E%3C/span%3E%3C/span%3E%0A%3C/span%3E%0A%3Ca%20href=%22https://www_HugeDomains_com/shopping_cart_cfm?d=AdvancedPcCare&e=com%22%20class=%22btn%20m-b-0%22%3E&
  • http://ww12.{BLOCKED}edpccare.net/
  • http://ww12.{BLOCKED}edpccare.net/track.php?domain=advancedpccare.net&toggle=browserjs&uid={UID}
  • http://ww12.{BLOCKED}edpccare.net/ls.php
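The fourth URL above is the paramurl prefix followed by the percent-encoded HTML of a HugeDomains "domain for sale" page for AdvancedPcCare.com, the host that the ipaddrurl value points at. This is consistent with the program appending whatever getIpAddress.asp returned to paramurl without checking that it looked like an IP address; by the time of analysis the .com domain had lapsed and served a parking page instead. The following Python is an added example, not part of this report or of the program: build_param_url reconstructs how such a URL is formed, and analyze_url is the proxy-log check that catches it, percent-decoding the path and flagging any request that carries an HTML document, with the page title extracted for triage. The parking-page body, the clean beacon with a TEST-NET address and the proxy-log list are constructed.

```python
import re
from typing import Dict, Iterable, List
from urllib.parse import quote, unquote, urlsplit

HTML_START = re.compile(r"^<(!doctype\s+html|html)\b", re.I)
TITLE_RE = re.compile(r"<title>(.*?)</title>", re.I | re.S)

# Characters the observed URL left unescaped inside the embedded page
# (= : / ? & , ! $ ( ) '), so the reconstruction resembles the recorded form.
OBSERVED_SAFE = "/=:?&,!$()'"


def build_param_url(paramurl: str, body: str) -> str:
    """How a client produces a URL like the one above: it treats whatever the
    ipaddrurl endpoint returned as a value and appends it, percent-encoded,
    to the paramurl prefix. (Reconstruction of the observed behaviour, not
    the program's own code.)"""
    return paramurl + quote(body, safe=OBSERVED_SAFE)


def analyze_url(url: str) -> Dict[str, object]:
    """Percent-decode a request path and report whether an HTML document was
    sent where a short value (such as an IP address) was expected."""
    parts = urlsplit(url)
    # The embedded page may itself contain '?', which urlsplit treats as the
    # start of a query string, so decode path and query together.
    raw = parts.path + ("?" + parts.query if parts.query else "")
    decoded = unquote(raw)
    cut = decoded.find("<")
    endpoint, payload = (decoded, "") if cut < 0 else (decoded[:cut], decoded[cut:])
    title = TITLE_RE.search(payload)
    return {
        "host": parts.hostname,
        "endpoint": endpoint,
        "html_in_path": bool(HTML_START.match(payload)),
        "title": title.group(1).strip() if title else None,
        "payload_len": len(payload),
    }


def triage(urls: Iterable[str]) -> List[str]:
    """Return the requests whose path carries an HTML document."""
    return [u for u in urls if analyze_url(u)["html_in_path"]]


# Constructed stand-in for a registrar parking page, shaped like the start of
# the HTML recorded in the fourth URL above; not the page's actual markup.
SAMPLE_PARKING_BODY = (
    '<!DOCTYPE html>\n<html lang="en">\n<head>\n'
    '<meta http-equiv="Content-Type" content="text/html charset=UTF-8">\n'
    '<title>AdvancedPcCare.com is for sale | HugeDomains</title>\n'
    '</head>\n<body>\n<span>Buy now <b>$4,795</b></span>\n</body>\n</html>\n'
)
PARAMURL = "http://trkr.advancedpccare.com/ipfiles/"  # the paramurl registry value above

# Constructed proxy-log URLs: the beacon as it should look with an IP address
# (TEST-NET-3 address), the beacon carrying the parking page instead, and the
# ipaddrurl request itself.
SAMPLE_URLS = [
    PARAMURL + "203.0.113.7",
    build_param_url(PARAMURL, SAMPLE_PARKING_BODY),
    "http://www.advancedpccare.com/getIpAddress.asp",
]

if __name__ == "__main__":
    for u in triage(SAMPLE_URLS):
        print(analyze_url(u))
```

The check is deliberately generic: any client that splices an unvalidated HTTP response body into its next request will produce the same shape (a fixed endpoint prefix followed by a decoded payload that begins with a document), so flagging on the decoded path rather than on this vendor's host names also catches the next lapsed domain.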

It redirects users to the following website:

  • http://dp.g.{BLOCKED}click.net/apps/domainpark/domainpark.cgi?client=ca-dp-teaminternet09_3ph&channel=000002,bucket052&domain_name=advancedpccare.net&output=html&drid={uid}

It does the following:

  • Displays a graphical user interface (the screenshot shown on the original page is not reproduced in this text)

  Solution

Minimum scan engine: 9.800
SSAPI pattern version: 2.417.00
SSAPI pattern release date: June 17, 2021

Step 1

Before doing any scans, Windows 7, Windows 8, Windows 8.1, and Windows 10 users must disable System Restore to allow full scanning of their computers.

Step 2

Note that not all of the files, folders, and registry keys and values listed in these steps are necessarily installed on your computer when this malware or adware runs. Installation may be incomplete, or operating system conditions may prevent some of them from being created. If you do not find the files, folders, or registry information described in a step, that step is not needed; proceed to the next one.

Step 3

Close all open browser windows.

Step 4

Remove PUA.Win32.PCFixer.B using its own uninstall option. The uninstaller is the unins000.exe recorded in the UninstallString value listed above; after it has run, check that the folders, files, and registry keys listed above are gone.


Step 5

Using an anti-virus product with the latest scan engine and pattern file, scan your computer and delete all files detected as PUA.Win32.PCFixer.B. If the detected files have already been cleaned, quarantined, or deleted by our anti-virus product, the threat has been handled and no further removal steps are needed.

