Техническая информация
Для обеспечения автозапуска и распространения
Модифицирует следующие ключи реестра
- [<HKLM>\Software\Classes\BurnAwareOpen\shell\open\command] '' = '"%ProgramFiles(x86)%\BurnAware Free\burnaware.exe"'
Изменения в файловой системе
Создает следующие файлы
- %TEMP%\7zipsfx.000\burnaware_free_14.2.exe
- %TEMP%\7zsc59a7951\resources\tis\config.tis
- %TEMP%\7zsc59a7951\resources\style.css
- %TEMP%\7zsc59a7951\resources\offerpage.html
- %TEMP%\7zsc59a7951\resources\installingpage.html
- %TEMP%\7zsc59a7951\resources\images\warning48x48.png
- %TEMP%\7zsc59a7951\resources\images\loader.gif
- %TEMP%\7zsc59a7951\offerinstaller.exe.config
- %TEMP%\7zsc59a7951\bundleconfig.json
- %TEMP%\7zsc59a7951\resources\tis\eventhandler.tis
- %TEMP%\7zsc59a7951\genericsetup.exe.config
- %ProgramFiles(x86)%\burnaware free\unins000.dat
- C:\users\public\desktop\burnaware free.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\burnaware free\uninstall burnaware free.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\burnaware free\burnaware free on the web.url
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\burnaware free\help.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\burnaware free\burnaware free.lnk
- %ProgramFiles(x86)%\burnaware free\themes\is-tu2n9.tmp
- %ProgramFiles(x86)%\burnaware free\themes\is-b2qr5.tmp
- %TEMP%\7zsc59a7951\app.ico
- %TEMP%\7zsc59a7951\resources\tis\log.tis
- %TEMP%\7zsc59a7951\resources\tis\translateoffertemplate.tis
- %TEMP%\7zsc59a7951\resources\tis\viewstateloader.tis
- %TEMP%\7zsc59a7951\sciter32.dll
- %TEMP%\7zsc59a7951\ru\devlib.resources.dll
- %TEMP%\7zsc59a7951\pt\devlib.resources.dll
- %TEMP%\7zsc59a7951\offerservicesdk.dll
- %TEMP%\7zsc59a7951\offerinstaller.exe
- %TEMP%\7zsc59a7951\newtonsoft.json.dll
- %TEMP%\7zsc59a7951\microsoft.win32.taskscheduler.dll
- %TEMP%\7zsc59a7951\it\devlib.resources.dll
- %TEMP%\7zsc59a7951\installer.exe
- %TEMP%\7zsc59a7951\htmlagilitypack.dll
- %TEMP%\7zsc59a7951\h2osciter.dll
- %TEMP%\7zsc59a7951\genericsetup.dll
- %TEMP%\7zsc59a7951\fr\devlib.resources.dll
- %TEMP%\7zsc59a7951\es\devlib.resources.dll
- %TEMP%\7zsc59a7951\en\devlib.resources.dll
- %TEMP%\7zsc59a7951\devlib.services.dll
- %TEMP%\7zsc59a7951\devlib.dll
- %TEMP%\7zsc59a7951\de\devlib.resources.dll
- %TEMP%\7zsc59a7951\genericsetup.exe
- %ProgramFiles(x86)%\burnaware free\themes\is-a0qfd.tmp
- %TEMP%\7zsc59a7951\2021.03.31_15.35.56.750400_installer_pid=1164.txt
- %ProgramFiles(x86)%\burnaware free\themes\is-8l8d3.tmp
- %ProgramFiles(x86)%\burnaware free\themes\is-sk8ob.tmp
- %ProgramFiles(x86)%\burnaware free\is-jclcv.tmp
- %ProgramFiles(x86)%\burnaware free\is-or8n5.tmp
- %ProgramFiles(x86)%\burnaware free\is-huoi1.tmp
- %ProgramFiles(x86)%\burnaware free\is-pifn9.tmp
- %ProgramFiles(x86)%\burnaware free\is-v2k6c.tmp
- %ProgramFiles(x86)%\burnaware free\is-27tme.tmp
- %ProgramFiles(x86)%\burnaware free\is-1i103.tmp
- %ProgramFiles(x86)%\burnaware free\is-fnaim.tmp
- %ProgramFiles(x86)%\burnaware free\is-cm87a.tmp
- %ProgramFiles(x86)%\burnaware free\is-tgkbl.tmp
- %ProgramFiles(x86)%\burnaware free\is-1h45l.tmp
- %ProgramFiles(x86)%\burnaware free\is-g132p.tmp
- %ProgramFiles(x86)%\burnaware free\is-9p352.tmp
- %ProgramFiles(x86)%\burnaware free\is-ss80v.tmp
- %TEMP%\is-m29l0.tmp\ba001.exe
- %TEMP%\is-m29l0.tmp\idp.dll
- %TEMP%\is-m29l0.tmp\_isetup\_setup64.tmp
- %TEMP%\is-0e4uc.tmp\burnaware_free_14.2.tmp
- %ProgramFiles(x86)%\burnaware free\is-7vor9.tmp
- %ProgramFiles(x86)%\burnaware free\is-6ofd8.tmp
- %ProgramFiles(x86)%\burnaware free\is-298m7.tmp
- %ProgramFiles(x86)%\burnaware free\is-ucpr7.tmp
- %ProgramFiles(x86)%\burnaware free\themes\is-qafik.tmp
- %ProgramFiles(x86)%\burnaware free\themes\is-trb5h.tmp
- %ProgramFiles(x86)%\burnaware free\is-aaqni.tmp
- %ProgramFiles(x86)%\burnaware free\is-pkink.tmp
- %ProgramFiles(x86)%\burnaware free\is-durcm.tmp
- %ProgramFiles(x86)%\burnaware free\is-nen5o.tmp
- %ProgramFiles(x86)%\burnaware free\is-tn2t0.tmp
- %ProgramFiles(x86)%\burnaware free\is-gm65a.tmp
- %ProgramFiles(x86)%\burnaware free\is-ig5cq.tmp
- %ProgramFiles(x86)%\burnaware free\is-mpp3v.tmp
- %ProgramFiles(x86)%\burnaware free\is-hmhbl.tmp
- %ProgramFiles(x86)%\burnaware free\is-0sjhl.tmp
- %ProgramFiles(x86)%\burnaware free\is-e9lm9.tmp
- %ProgramFiles(x86)%\burnaware free\is-7ntqf.tmp
- %ProgramFiles(x86)%\burnaware free\is-ioq8o.tmp
- %ProgramFiles(x86)%\burnaware free\is-moggs.tmp
- %ProgramFiles(x86)%\burnaware free\is-k8f0b.tmp
- %ProgramFiles(x86)%\burnaware free\is-qk47f.tmp
- %ProgramFiles(x86)%\burnaware free\is-mcldi.tmp
- %ProgramFiles(x86)%\burnaware free\themes\is-n7ua3.tmp
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012021033120210401\index.dat
Удаляет следующие файлы
- %TEMP%\7zsc59a7951\2021.03.31_15.35.56.750400_installer_pid=1164.txt
- %TEMP%\7zsc59a7951\app.ico
- %TEMP%\7zsc59a7951\bundleconfig.json
- %TEMP%\7zsc59a7951\de\devlib.resources.dll
- %TEMP%\7zsc59a7951\devlib.dll
- %TEMP%\is-m29l0.tmp\ba001.exe
- %TEMP%\is-m29l0.tmp\idp.dll
- %TEMP%\is-m29l0.tmp\_isetup\_setup64.tmp
- %TEMP%\is-0e4uc.tmp\burnaware_free_14.2.tmp
- %TEMP%\7zipsfx.000\burnaware_free_14.2.exe
Перемещает следующие файлы
- %ProgramFiles(x86)%\burnaware free\is-ss80v.tmp в %ProgramFiles(x86)%\burnaware free\unins000.exe
- %ProgramFiles(x86)%\burnaware free\is-7ntqf.tmp в %ProgramFiles(x86)%\burnaware free\bassenc_aac.dll
- %ProgramFiles(x86)%\burnaware free\is-e9lm9.tmp в %ProgramFiles(x86)%\burnaware free\bassenc_flac.dll
- %ProgramFiles(x86)%\burnaware free\is-0sjhl.tmp в %ProgramFiles(x86)%\burnaware free\bassenc_mp3.dll
- %ProgramFiles(x86)%\burnaware free\is-hmhbl.tmp в %ProgramFiles(x86)%\burnaware free\bassenc_ogg.dll
- %ProgramFiles(x86)%\burnaware free\is-mpp3v.tmp в %ProgramFiles(x86)%\burnaware free\bassflac.dll
- %ProgramFiles(x86)%\burnaware free\is-ig5cq.tmp в %ProgramFiles(x86)%\burnaware free\bassmix.dll
- %ProgramFiles(x86)%\burnaware free\is-gm65a.tmp в %ProgramFiles(x86)%\burnaware free\basswma.dll
- %ProgramFiles(x86)%\burnaware free\is-tn2t0.tmp в %ProgramFiles(x86)%\burnaware free\basswv.dll
- %ProgramFiles(x86)%\burnaware free\is-durcm.tmp в %ProgramFiles(x86)%\burnaware free\bass_ac3.dll
- %ProgramFiles(x86)%\burnaware free\themes\is-b2qr5.tmp в %ProgramFiles(x86)%\burnaware free\themes\office.vsf
- %ProgramFiles(x86)%\burnaware free\is-pkink.tmp в %ProgramFiles(x86)%\burnaware free\bass_ape.dll
- %ProgramFiles(x86)%\burnaware free\is-aaqni.tmp в %ProgramFiles(x86)%\burnaware free\tags.dll
- %ProgramFiles(x86)%\burnaware free\themes\is-trb5h.tmp в %ProgramFiles(x86)%\burnaware free\themes\dark.vsf
- %ProgramFiles(x86)%\burnaware free\themes\is-qafik.tmp в %ProgramFiles(x86)%\burnaware free\themes\darkblue.vsf
- %ProgramFiles(x86)%\burnaware free\themes\is-sk8ob.tmp в %ProgramFiles(x86)%\burnaware free\themes\darkgray.vsf
- %ProgramFiles(x86)%\burnaware free\themes\is-n7ua3.tmp в %ProgramFiles(x86)%\burnaware free\themes\light.vsf
- %ProgramFiles(x86)%\burnaware free\themes\is-8l8d3.tmp в %ProgramFiles(x86)%\burnaware free\themes\lightblue.vsf
- %ProgramFiles(x86)%\burnaware free\themes\is-a0qfd.tmp в %ProgramFiles(x86)%\burnaware free\themes\lightgray.vsf
- %ProgramFiles(x86)%\burnaware free\is-ioq8o.tmp в %ProgramFiles(x86)%\burnaware free\bassenc.dll
- %ProgramFiles(x86)%\burnaware free\is-nen5o.tmp в %ProgramFiles(x86)%\burnaware free\bass_aac.dll
- %ProgramFiles(x86)%\burnaware free\is-moggs.tmp в %ProgramFiles(x86)%\burnaware free\bassalac.dll
- %ProgramFiles(x86)%\burnaware free\is-v2k6c.tmp в %ProgramFiles(x86)%\burnaware free\makeiso.exe
- %ProgramFiles(x86)%\burnaware free\is-9p352.tmp в %ProgramFiles(x86)%\burnaware free\spandisc.exe
- %ProgramFiles(x86)%\burnaware free\is-g132p.tmp в %ProgramFiles(x86)%\burnaware free\audiocd.exe
- %ProgramFiles(x86)%\burnaware free\is-1h45l.tmp в %ProgramFiles(x86)%\burnaware free\burnimage.exe
- %ProgramFiles(x86)%\burnaware free\is-7vor9.tmp в %ProgramFiles(x86)%\burnaware free\mediadisc.exe
- %ProgramFiles(x86)%\burnaware free\is-tgkbl.tmp в %ProgramFiles(x86)%\burnaware free\datadisc.exe
- %ProgramFiles(x86)%\burnaware free\is-fnaim.tmp в %ProgramFiles(x86)%\burnaware free\discinfo.exe
- %ProgramFiles(x86)%\burnaware free\is-1i103.tmp в %ProgramFiles(x86)%\burnaware free\erasedisc.exe
- %ProgramFiles(x86)%\burnaware free\is-27tme.tmp в %ProgramFiles(x86)%\burnaware free\copyimage.exe
- %ProgramFiles(x86)%\burnaware free\is-pifn9.tmp в %ProgramFiles(x86)%\burnaware free\burnaware.exe
- %ProgramFiles(x86)%\burnaware free\is-qk47f.tmp в %ProgramFiles(x86)%\burnaware free\bamedialib.dll
- %ProgramFiles(x86)%\burnaware free\is-huoi1.tmp в %ProgramFiles(x86)%\burnaware free\verifydisc.exe
- %ProgramFiles(x86)%\burnaware free\is-or8n5.tmp в %ProgramFiles(x86)%\burnaware free\burnaware.chm
- %ProgramFiles(x86)%\burnaware free\is-jclcv.tmp в %ProgramFiles(x86)%\burnaware free\dos622.img
- %ProgramFiles(x86)%\burnaware free\is-cm87a.tmp в %ProgramFiles(x86)%\burnaware free\isofile.ico
- %ProgramFiles(x86)%\burnaware free\is-6ofd8.tmp в %ProgramFiles(x86)%\burnaware free\bashell32.dll
- %ProgramFiles(x86)%\burnaware free\is-298m7.tmp в %ProgramFiles(x86)%\burnaware free\bashell64.dll
- %ProgramFiles(x86)%\burnaware free\is-ucpr7.tmp в %ProgramFiles(x86)%\burnaware free\wnaspi32.dll
- %ProgramFiles(x86)%\burnaware free\is-mcldi.tmp в %ProgramFiles(x86)%\burnaware free\badatamain.dll
- %ProgramFiles(x86)%\burnaware free\is-k8f0b.tmp в %ProgramFiles(x86)%\burnaware free\bass.dll
- %ProgramFiles(x86)%\burnaware free\themes\is-tu2n9.tmp в %ProgramFiles(x86)%\burnaware free\themes\ubuntu.vsf
Изменяет следующие файлы
Сетевая активность
Подключается к
- 'or##t.com':443
- 'microsoft.com':80
- 'fl##.#avasoft.com':80
- 'fl##.#avasoft.com':443
- 'so#.#daware.com':443
- 'bu###ware.com':80
- 'bu###ware.com':443
- 'pa#####.#ooglesyndication.com':443
TCP
- 'or##t.com':443
- 'fl##.#avasoft.com':443
- 'so#.#daware.com':443
- 'bu###ware.com':443
- 'pa#####.#ooglesyndication.com':443
UDP
- DNS ASK or##t.com
- DNS ASK microsoft.com
- DNS ASK fl##.#avasoft.com
- DNS ASK google.com
- DNS ASK so#.#daware.com
- DNS ASK bu###ware.com
- DNS ASK pa#####.#ooglesyndication.com
Другое
Ищет следующие окна
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
Создает и запускает на исполнение
- '%TEMP%\7zipsfx.000\burnaware_free_14.2.exe' /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP-
- '%TEMP%\is-0e4uc.tmp\burnaware_free_14.2.tmp' /SL5="$D0210,10826551,189952,%TEMP%\7ZipSfx.000\burnaware_free_14.2.exe" /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /SP-
- '%TEMP%\is-m29l0.tmp\ba001.exe' hhwnd=1573412 hasync hshowcarrier
- '%TEMP%\7zsc59a7951\installer.exe' hhwnd=1573412 hasync hshowcarrier
- '%TEMP%\7zsc59a7951\genericsetup.exe' %TEMP%\7zSC59A7951\GenericSetup.exe hhwnd=1573412 hasync hshowcarrier
- '%TEMP%\7zsc59a7951\genericsetup.exe' %TEMP%\7zSC59A7951\GenericSetup.exe hhwnd=1573412 hsecondrun hshowcarrier
