Техническая информация
- "%TEMP%\volume-serial-number-editor-1.60.01_tmp.exe" (загружен из сети Интернет)
- <SYSTEM32>\msiexec.exe -Embedding 63B11B1639F50E24760E85A7C452A129 C
- <SYSTEM32>\msiexec.exe /V
- <SYSTEM32>\msiexec.exe
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\B69D763EB21649DA26F20618312DEE70
- %TEMP%\20aa4.msi
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\B69D763EB21649DA26F20618312DEE70
- %TEMP%\MSI4.tmp
- %TEMP%\MSI3.tmp
- %TEMP%\nsu2.tmp\NSISdl.dll
- %TEMP%\volume-serial-number-editor-1.60.01.exe
- %APPDATA%\Volume Serial Number Editor\install\1.60.01\klvolsnedit.msi
- %TEMP%\volume-serial-number-editor-1.60.01_tmp.exe
- %APPDATA%\Volume Serial Number Editor\install\1.60.01\disk1.cab
- %TEMP%\nsu2.tmp\NSISdl.dll
- %TEMP%\MSI4.tmp
- %TEMP%\MSI3.tmp
- 'cr#.##ertrust.com':80
- 'ap###rsion.biz':80
- cr#.##ertrust.com/UTN-USERFirst-Object.crl
- ap###rsion.biz/version/check.php?ve##############################################
- DNS ASK cr#.##ertrust.com
- DNS ASK ap###rsion.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''