Техническая информация
- [<HKLM>\Software\Classes\cclaunch\shell\open\command] '' = '"%ProgramFiles%\CCleaner\ccleaner64.exe" /%1'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o'
- %TEMP%\rarsfx0\cybermania.url
- %ProgramFiles%\ccleaner\lang\set7efd.tmp
- %ProgramFiles%\ccleaner\lang\set7ebe.tmp
- %ProgramFiles%\ccleaner\lang\set7ead.tmp
- %ProgramFiles%\ccleaner\lang\set7e8d.tmp
- %ProgramFiles%\ccleaner\lang\set7e7c.tmp
- %ProgramFiles%\ccleaner\lang\set7e4c.tmp
- %ProgramFiles%\ccleaner\lang\set7e3c.tmp
- %ProgramFiles%\ccleaner\lang\set7e0c.tmp
- %ProgramFiles%\ccleaner\lang\set7dfb.tmp
- %ProgramFiles%\ccleaner\lang\set7ddb.tmp
- %ProgramFiles%\ccleaner\lang\set7dcb.tmp
- %ProgramFiles%\ccleaner\lang\set7d9b.tmp
- %ProgramFiles%\ccleaner\lang\set7d9a.tmp
- %ProgramFiles%\ccleaner\lang\set7d5a.tmp
- %ProgramFiles%\ccleaner\lang\set7d4a.tmp
- %ProgramFiles%\ccleaner\lang\set7d2a.tmp
- %ProgramFiles%\ccleaner\lang\set7d19.tmp
- %ProgramFiles%\ccleaner\lang\set7ce9.tmp
- %ProgramFiles%\ccleaner\lang\set7cd9.tmp
- %ProgramFiles%\ccleaner\lang\set7ca9.tmp
- %ProgramFiles%\ccleaner\lang\set7c98.tmp
- %ProgramFiles%\ccleaner\lang\set7c78.tmp
- %ProgramFiles%\ccleaner\lang\set7c67.tmp
- %ProgramFiles%\ccleaner\lang\set7c47.tmp
- %ProgramFiles%\ccleaner\lang\set7c37.tmp
- %ProgramFiles%\ccleaner\lang\set7c16.tmp
- %ProgramFiles%\ccleaner\lang\set7c06.tmp
- %ProgramFiles%\ccleaner\lang\set7be6.tmp
- %ProgramFiles%\ccleaner\lang\set7bd5.tmp
- %ProgramFiles%\ccleaner\lang\set7f0e.tmp
- %ProgramFiles%\ccleaner\lang\set7f3d.tmp
- %ProgramFiles%\ccleaner\lang\set7f4e.tmp
- %ProgramFiles%\ccleaner\lang\set7f7e.tmp
- %ProgramFiles%\ccleaner\ccleaner.ini
- %ProgramFiles%\ccleaner\set821a.tmp
- %ProgramFiles%\ccleaner\set81eb.tmp
- %ProgramFiles%\ccleaner\lang\set81ab.tmp
- %ProgramFiles%\ccleaner\lang\set819b.tmp
- %ProgramFiles%\ccleaner\lang\set816b.tmp
- %ProgramFiles%\ccleaner\lang\set815a.tmp
- %ProgramFiles%\ccleaner\lang\set812a.tmp
- %ProgramFiles%\ccleaner\lang\set811a.tmp
- %ProgramFiles%\ccleaner\lang\set80fa.tmp
- %ProgramFiles%\ccleaner\lang\set80d9.tmp
- %ProgramFiles%\ccleaner\lang\set80c9.tmp
- %ProgramFiles%\ccleaner\lang\set80b8.tmp
- %ProgramFiles%\ccleaner\lang\set8098.tmp
- %ProgramFiles%\ccleaner\lang\set8058.tmp
- %ProgramFiles%\ccleaner\lang\set8097.tmp
- %ProgramFiles%\ccleaner\lang\set8057.tmp
- %ProgramFiles%\ccleaner\lang\set8046.tmp
- %ProgramFiles%\ccleaner\lang\set8035.tmp
- %ProgramFiles%\ccleaner\lang\set8025.tmp
- %ProgramFiles%\ccleaner\lang\set8014.tmp
- %ProgramFiles%\ccleaner\lang\set8004.tmp
- %ProgramFiles%\ccleaner\lang\set8003.tmp
- %ProgramFiles%\ccleaner\lang\set7ff2.tmp
- %ProgramFiles%\ccleaner\lang\set7fe1.tmp
- %ProgramFiles%\ccleaner\lang\set7fd1.tmp
- %ProgramFiles%\ccleaner\lang\set7fc0.tmp
- %ProgramFiles%\ccleaner\lang\set7fb0.tmp
- %ProgramFiles%\ccleaner\lang\set7faf.tmp
- %ProgramFiles%\ccleaner\lang\set7f8e.tmp
- %TEMP%\c8f7r45f.cmd
- %ProgramFiles%\ccleaner\lang\set7ba5.tmp
- %ProgramFiles%\ccleaner\lang\set7b95.tmp
- %ProgramFiles%\ccleaner\lang\set7b65.tmp
- %ProgramFiles%\ccleaner\lang\set7873.tmp
- %ProgramFiles%\ccleaner\lang\set7872.tmp
- %ProgramFiles%\ccleaner\lang\set7852.tmp
- %ProgramFiles%\ccleaner\lang\set7851.tmp
- %ProgramFiles%\ccleaner\lang\set7831.tmp
- %ProgramFiles%\ccleaner\lang\set7830.tmp
- %ProgramFiles%\ccleaner\lang\set781f.tmp
- %ProgramFiles%\ccleaner\lang\set780e.tmp
- %ProgramFiles%\ccleaner\lang\set77fe.tmp
- %ProgramFiles%\ccleaner\lang\set77fd.tmp
- %ProgramFiles%\ccleaner\lang\set77ec.tmp
- %ProgramFiles%\ccleaner\lang\set77dc.tmp
- %ProgramFiles%\ccleaner\lang\set77bb.tmp
- %ProgramFiles%\ccleaner\lang\set77ba.tmp
- %ProgramFiles%\ccleaner\lang\set77aa.tmp
- %ProgramFiles%\ccleaner\lang\set7799.tmp
- %ProgramFiles%\ccleaner\lang\set7789.tmp
- %ProgramFiles%\ccleaner\lang\set7788.tmp
- %ProgramFiles%\ccleaner\lang\set7767.tmp
- %ProgramFiles%\ccleaner\lang\set7766.tmp
- %ProgramFiles%\ccleaner\set75b1.tmp
- %ProgramFiles%\ccleaner\set71f8.tmp
- %ProgramFiles%\ccleaner\set71e7.tmp
- %ProgramFiles%\ccleaner\set71e6.tmp
- %ProgramFiles%\ccleaner\set71c6.tmp
- %ProgramFiles%\ccleaner\set71c5.tmp
- %TEMP%\rarsfx0\ccleaner64.inf
- %TEMP%\rarsfx0\ccleaner64.cab
- %TEMP%\rarsfx0\blockhost64.exe
- %ProgramFiles%\ccleaner\lang\set7893.tmp
- %ProgramFiles%\ccleaner\lang\set7894.tmp
- %ProgramFiles%\ccleaner\lang\set78b4.tmp
- %ProgramFiles%\ccleaner\lang\set78b5.tmp
- %ProgramFiles%\ccleaner\lang\set7b34.tmp
- %ProgramFiles%\ccleaner\lang\set7b23.tmp
- %ProgramFiles%\ccleaner\lang\set7ae4.tmp
- %ProgramFiles%\ccleaner\lang\set7ad3.tmp
- %ProgramFiles%\ccleaner\lang\set7aa4.tmp
- %ProgramFiles%\ccleaner\lang\set7a93.tmp
- %ProgramFiles%\ccleaner\lang\set7a54.tmp
- %ProgramFiles%\ccleaner\lang\set7a53.tmp
- %ProgramFiles%\ccleaner\lang\set7a32.tmp
- %ProgramFiles%\ccleaner\lang\set7a31.tmp
- %ProgramFiles%\ccleaner\lang\set7a11.tmp
- %ProgramFiles%\ccleaner\lang\set7a10.tmp
- %ProgramFiles%\ccleaner\lang\set79f0.tmp
- %ProgramFiles%\ccleaner\lang\set79ef.tmp
- %ProgramFiles%\ccleaner\lang\set79ce.tmp
- %ProgramFiles%\ccleaner\lang\set79cf.tmp
- %ProgramFiles%\ccleaner\lang\set79ad.tmp
- %ProgramFiles%\ccleaner\lang\set799d.tmp
- %ProgramFiles%\ccleaner\lang\set797d.tmp
- %ProgramFiles%\ccleaner\lang\set797c.tmp
- %ProgramFiles%\ccleaner\lang\set795b.tmp
- %ProgramFiles%\ccleaner\lang\set795a.tmp
- %ProgramFiles%\ccleaner\lang\set792b.tmp
- %ProgramFiles%\ccleaner\lang\set792a.tmp
- %ProgramFiles%\ccleaner\lang\set7909.tmp
- %ProgramFiles%\ccleaner\lang\set7908.tmp
- %ProgramFiles%\ccleaner\lang\set78f8.tmp
- %ProgramFiles%\ccleaner\lang\set78e7.tmp
- %ProgramFiles%\ccleaner\lang\set78d7.tmp
- %ProgramFiles%\ccleaner\lang\set78c6.tmp
- %ProgramFiles%\ccleaner\lang\set7b54.tmp
- nul
- %ProgramFiles%\ccleaner\set71c5.tmp
- %ProgramFiles%\ccleaner\lang\set7cd9.tmp
- %ProgramFiles%\ccleaner\lang\set7d19.tmp
- %ProgramFiles%\ccleaner\lang\set7d4a.tmp
- %ProgramFiles%\ccleaner\lang\set7d9a.tmp
- %ProgramFiles%\ccleaner\lang\set7dcb.tmp
- %ProgramFiles%\ccleaner\lang\set7dfb.tmp
- %ProgramFiles%\ccleaner\lang\set7e3c.tmp
- %ProgramFiles%\ccleaner\lang\set7e7c.tmp
- %ProgramFiles%\ccleaner\lang\set7ead.tmp
- %ProgramFiles%\ccleaner\lang\set7efd.tmp
- %ProgramFiles%\ccleaner\lang\set7f3d.tmp
- %ProgramFiles%\ccleaner\lang\set7f7e.tmp
- %ProgramFiles%\ccleaner\lang\set7faf.tmp
- %ProgramFiles%\ccleaner\lang\set7c67.tmp
- %ProgramFiles%\ccleaner\lang\set7c98.tmp
- %ProgramFiles%\ccleaner\lang\set7fc0.tmp
- %ProgramFiles%\ccleaner\lang\set7fe1.tmp
- %TEMP%\rarsfx0\ccleaner64.cab
- %TEMP%\rarsfx0\blockhost64.exe
- %TEMP%\c8f7r45f.cmd
- %ProgramFiles%\ccleaner\set81eb.tmp
- %ProgramFiles%\ccleaner\lang\set819b.tmp
- %ProgramFiles%\ccleaner\lang\set7a10.tmp
- %ProgramFiles%\ccleaner\lang\set815a.tmp
- %ProgramFiles%\ccleaner\lang\set80d9.tmp
- %ProgramFiles%\ccleaner\lang\set80b8.tmp
- %ProgramFiles%\ccleaner\lang\set8097.tmp
- %ProgramFiles%\ccleaner\lang\set8057.tmp
- %ProgramFiles%\ccleaner\lang\set8035.tmp
- %ProgramFiles%\ccleaner\lang\set8014.tmp
- %ProgramFiles%\ccleaner\lang\set8003.tmp
- %ProgramFiles%\ccleaner\lang\set7c37.tmp
- %ProgramFiles%\ccleaner\lang\set7c06.tmp
- %ProgramFiles%\ccleaner\lang\set7bd5.tmp
- %ProgramFiles%\ccleaner\set71f8.tmp
- %ProgramFiles%\ccleaner\lang\set7766.tmp
- %ProgramFiles%\ccleaner\lang\set7788.tmp
- %ProgramFiles%\ccleaner\lang\set7799.tmp
- %ProgramFiles%\ccleaner\lang\set77ba.tmp
- %ProgramFiles%\ccleaner\lang\set77dc.tmp
- %ProgramFiles%\ccleaner\lang\set77fd.tmp
- %ProgramFiles%\ccleaner\lang\set780e.tmp
- %ProgramFiles%\ccleaner\lang\set7830.tmp
- %ProgramFiles%\ccleaner\lang\set7851.tmp
- %ProgramFiles%\ccleaner\lang\set7872.tmp
- %ProgramFiles%\ccleaner\lang\set7893.tmp
- %ProgramFiles%\ccleaner\lang\set78b4.tmp
- %ProgramFiles%\ccleaner\lang\set78c6.tmp
- %ProgramFiles%\ccleaner\set71e6.tmp
- %ProgramFiles%\ccleaner\lang\set78e7.tmp
- %ProgramFiles%\ccleaner\lang\set7b95.tmp
- %ProgramFiles%\ccleaner\lang\set7908.tmp
- %ProgramFiles%\ccleaner\lang\set792a.tmp
- %ProgramFiles%\ccleaner\lang\set795a.tmp
- %ProgramFiles%\ccleaner\lang\set797c.tmp
- %ProgramFiles%\ccleaner\lang\set799d.tmp
- %ProgramFiles%\ccleaner\lang\set79ce.tmp
- %ProgramFiles%\ccleaner\lang\set811a.tmp
- %ProgramFiles%\ccleaner\lang\set79ef.tmp
- %TEMP%\rarsfx0\ccleaner64.inf
- %ProgramFiles%\ccleaner\lang\set7a53.tmp
- %ProgramFiles%\ccleaner\lang\set7a93.tmp
- %ProgramFiles%\ccleaner\lang\set7ad3.tmp
- %ProgramFiles%\ccleaner\lang\set7b23.tmp
- %ProgramFiles%\ccleaner\lang\set7b54.tmp
- %ProgramFiles%\ccleaner\lang\set7a31.tmp
- %TEMP%\rarsfx0\cybermania.url
- %ProgramFiles%\ccleaner\set71c6.tmp в %ProgramFiles%\ccleaner\branding.dll
- %ProgramFiles%\ccleaner\lang\set7c16.tmp в %ProgramFiles%\ccleaner\lang\lang-1058.dll
- %ProgramFiles%\ccleaner\lang\set7c47.tmp в %ProgramFiles%\ccleaner\lang\lang-1059.dll
- %ProgramFiles%\ccleaner\lang\set7c78.tmp в %ProgramFiles%\ccleaner\lang\lang-1060.dll
- %ProgramFiles%\ccleaner\lang\set7ca9.tmp в %ProgramFiles%\ccleaner\lang\lang-1061.dll
- %ProgramFiles%\ccleaner\lang\set7ce9.tmp в %ProgramFiles%\ccleaner\lang\lang-1062.dll
- %ProgramFiles%\ccleaner\lang\set7d2a.tmp в %ProgramFiles%\ccleaner\lang\lang-1063.dll
- %ProgramFiles%\ccleaner\lang\set7d5a.tmp в %ProgramFiles%\ccleaner\lang\lang-1065.dll
- %ProgramFiles%\ccleaner\lang\set7d9b.tmp в %ProgramFiles%\ccleaner\lang\lang-1066.dll
- %ProgramFiles%\ccleaner\lang\set7ddb.tmp в %ProgramFiles%\ccleaner\lang\lang-1067.dll
- %ProgramFiles%\ccleaner\lang\set7e0c.tmp в %ProgramFiles%\ccleaner\lang\lang-1068.dll
- %ProgramFiles%\ccleaner\lang\set7e4c.tmp в %ProgramFiles%\ccleaner\lang\lang-1071.dll
- %ProgramFiles%\ccleaner\lang\set7e8d.tmp в %ProgramFiles%\ccleaner\lang\lang-1079.dll
- %ProgramFiles%\ccleaner\lang\set7ebe.tmp в %ProgramFiles%\ccleaner\lang\lang-1081.dll
- %ProgramFiles%\ccleaner\lang\set7f4e.tmp в %ProgramFiles%\ccleaner\lang\lang-1087.dll
- %ProgramFiles%\ccleaner\lang\set81ab.tmp в %ProgramFiles%\ccleaner\lang\lang-9999.dll
- %ProgramFiles%\ccleaner\lang\set7f8e.tmp в %ProgramFiles%\ccleaner\lang\lang-1090.dll
- %ProgramFiles%\ccleaner\lang\set7fb0.tmp в %ProgramFiles%\ccleaner\lang\lang-1092.dll
- %ProgramFiles%\ccleaner\lang\set7fd1.tmp в %ProgramFiles%\ccleaner\lang\lang-1093.dll
- %ProgramFiles%\ccleaner\lang\set7ff2.tmp в %ProgramFiles%\ccleaner\lang\lang-1102.dll
- %ProgramFiles%\ccleaner\lang\set8004.tmp в %ProgramFiles%\ccleaner\lang\lang-1104.dll
- %ProgramFiles%\ccleaner\lang\set8025.tmp в %ProgramFiles%\ccleaner\lang\lang-1109.dll
- %ProgramFiles%\ccleaner\lang\set8046.tmp в %ProgramFiles%\ccleaner\lang\lang-1110.dll
- %ProgramFiles%\ccleaner\lang\set8058.tmp в %ProgramFiles%\ccleaner\lang\lang-1155.dll
- %ProgramFiles%\ccleaner\lang\set8098.tmp в %ProgramFiles%\ccleaner\lang\lang-2052.dll
- %ProgramFiles%\ccleaner\lang\set80c9.tmp в %ProgramFiles%\ccleaner\lang\lang-2070.dll
- %ProgramFiles%\ccleaner\lang\set80fa.tmp в %ProgramFiles%\ccleaner\lang\lang-2074.dll
- %ProgramFiles%\ccleaner\lang\set812a.tmp в %ProgramFiles%\ccleaner\lang\lang-3098.dll
- %ProgramFiles%\ccleaner\lang\set816b.tmp в %ProgramFiles%\ccleaner\lang\lang-5146.dll
- %ProgramFiles%\ccleaner\lang\set7be6.tmp в %ProgramFiles%\ccleaner\lang\lang-1057.dll
- %ProgramFiles%\ccleaner\lang\set7f0e.tmp в %ProgramFiles%\ccleaner\lang\lang-1086.dll
- %ProgramFiles%\ccleaner\lang\set7ba5.tmp в %ProgramFiles%\ccleaner\lang\lang-1056.dll
- %ProgramFiles%\ccleaner\lang\set78b5.tmp в %ProgramFiles%\ccleaner\lang\lang-1037.dll
- %ProgramFiles%\ccleaner\set71e7.tmp в %ProgramFiles%\ccleaner\ccleaner.dat
- %ProgramFiles%\ccleaner\set75b1.tmp в %ProgramFiles%\ccleaner\ccleaner64.exe
- %ProgramFiles%\ccleaner\lang\set7767.tmp в %ProgramFiles%\ccleaner\lang\lang-1025.dll
- %ProgramFiles%\ccleaner\lang\set7789.tmp в %ProgramFiles%\ccleaner\lang\lang-1026.dll
- %ProgramFiles%\ccleaner\lang\set77aa.tmp в %ProgramFiles%\ccleaner\lang\lang-1027.dll
- %ProgramFiles%\ccleaner\lang\set77bb.tmp в %ProgramFiles%\ccleaner\lang\lang-1028.dll
- %ProgramFiles%\ccleaner\lang\set77ec.tmp в %ProgramFiles%\ccleaner\lang\lang-1029.dll
- %ProgramFiles%\ccleaner\lang\set77fe.tmp в %ProgramFiles%\ccleaner\lang\lang-1030.dll
- %ProgramFiles%\ccleaner\lang\set781f.tmp в %ProgramFiles%\ccleaner\lang\lang-1031.dll
- %ProgramFiles%\ccleaner\lang\set7831.tmp в %ProgramFiles%\ccleaner\lang\lang-1032.dll
- %ProgramFiles%\ccleaner\lang\set7852.tmp в %ProgramFiles%\ccleaner\lang\lang-1034.dll
- %ProgramFiles%\ccleaner\lang\set7873.tmp в %ProgramFiles%\ccleaner\lang\lang-1035.dll
- %ProgramFiles%\ccleaner\lang\set7894.tmp в %ProgramFiles%\ccleaner\lang\lang-1036.dll
- %ProgramFiles%\ccleaner\lang\set78d7.tmp в %ProgramFiles%\ccleaner\lang\lang-1038.dll
- %ProgramFiles%\ccleaner\lang\set7b34.tmp в %ProgramFiles%\ccleaner\lang\lang-1054.dll
- %ProgramFiles%\ccleaner\lang\set78f8.tmp в %ProgramFiles%\ccleaner\lang\lang-1040.dll
- %ProgramFiles%\ccleaner\lang\set7909.tmp в %ProgramFiles%\ccleaner\lang\lang-1041.dll
- %ProgramFiles%\ccleaner\lang\set792b.tmp в %ProgramFiles%\ccleaner\lang\lang-1042.dll
- %ProgramFiles%\ccleaner\lang\set795b.tmp в %ProgramFiles%\ccleaner\lang\lang-1043.dll
- %ProgramFiles%\ccleaner\lang\set797d.tmp в %ProgramFiles%\ccleaner\lang\lang-1044.dll
- %ProgramFiles%\ccleaner\lang\set79ad.tmp в %ProgramFiles%\ccleaner\lang\lang-1045.dll
- %ProgramFiles%\ccleaner\lang\set79cf.tmp в %ProgramFiles%\ccleaner\lang\lang-1046.dll
- %ProgramFiles%\ccleaner\lang\set79f0.tmp в %ProgramFiles%\ccleaner\lang\lang-1048.dll
- %ProgramFiles%\ccleaner\lang\set7a11.tmp в %ProgramFiles%\ccleaner\lang\lang-1049.dll
- %ProgramFiles%\ccleaner\lang\set7a32.tmp в %ProgramFiles%\ccleaner\lang\lang-1050.dll
- %ProgramFiles%\ccleaner\lang\set7a54.tmp в %ProgramFiles%\ccleaner\lang\lang-1051.dll
- %ProgramFiles%\ccleaner\lang\set7aa4.tmp в %ProgramFiles%\ccleaner\lang\lang-1052.dll
- %ProgramFiles%\ccleaner\lang\set7ae4.tmp в %ProgramFiles%\ccleaner\lang\lang-1053.dll
- %ProgramFiles%\ccleaner\lang\set7b65.tmp в %ProgramFiles%\ccleaner\lang\lang-1055.dll
- %ProgramFiles%\ccleaner\set821a.tmp в %ProgramFiles%\ccleaner\uninst.exe
- %LOCALAPPDATA%\microsoft\windows\explorer\explorerstartuplog_runonce.etl
- 'cy###mania.ws':443
- 'cy###mania.ws':443
- DNS ASK cy###mania.ws
- DNS ASK microsoft.com
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\rarsfx0\blockhost64.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\C8F7R45F.cmd" "%TEMP%\RarSFX0\BlockHost64.exe" "' (со скрытым окном)
- '<SYSTEM32>\infdefaultinstall.exe' "%TEMP%\RarSFX0\CCleaner64.inf"
- '<SYSTEM32>\runonce.exe' -r
- '<SYSTEM32>\grpconv.exe' -o
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\C8F7R45F.cmd" "%TEMP%\RarSFX0\BlockHost64.exe" "
- '<SYSTEM32>\takeown.exe' /f "<DRIVERS>\etc\hosts" /a
- '<SYSTEM32>\cmd.exe' /S /D /c" echo y"
- '<SYSTEM32>\icacls.exe' <DRIVERS>\etc\hosts /c /grant "administrators:F"
- '<SYSTEM32>\attrib.exe' -h -r -s <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "CyberMania CCleaner Block" <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "0.0.0.0 license-api.ccleaner.com" <DRIVERS>\etc\hosts
- '<SYSTEM32>\find.exe' /C /I "CCleaner Block End" <DRIVERS>\etc\hosts
- '<SYSTEM32>\ipconfig.exe' -flushdns