Техническая информация
Для обеспечения автозапуска и распространения
Модифицирует следующие ключи реестра
- [HKLM\Software\Classes\DMFile\shell\open\command] '' = '%ProgramFiles(x86)%\Download Master\dmaster.exe "%L"'
- [HKLM\Software\Classes\DMUrlsFile\shell\open\command] '' = '%ProgramFiles(x86)%\Download Master\dmaster.exe "%L"'
- [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions\{8DAE90AD-4583-4977-9DD4-4360F7A45C74}] 'Exec' = '%ProgramFiles(x86)%\Download Master\dmaster.exe'
Изменения в файловой системе
Создает следующие файлы
- %TEMP%\rarsfx0\dmaster.ini
- %ProgramFiles(x86)%\download master\is-ukunn.tmp
- %ProgramFiles(x86)%\download master\is-gdu5g.tmp
- %APPDATA%\download master\lists\is-9lhd4.tmp
- %ProgramFiles(x86)%\download master\plugins\is-mf4ag.tmp
- %ProgramFiles(x86)%\download master\plugins\is-h2sn7.tmp
- %ProgramFiles(x86)%\download master\plugins\is-sn097.tmp
- %ProgramFiles(x86)%\download master\plugins\is-3nm5l.tmp
- %ProgramFiles(x86)%\download master\is-0pdbv.tmp
- %ProgramFiles(x86)%\download master\sounds\is-48pb6.tmp
- %ProgramFiles(x86)%\download master\sounds\is-8rnn7.tmp
- %ProgramFiles(x86)%\download master\sounds\is-9e73f.tmp
- %ProgramFiles(x86)%\download master\skins\is-agh3b.tmp
- %ProgramFiles(x86)%\download master\plugins\is-50k5c.tmp
- %ProgramFiles(x86)%\download master\is-r8bmr.tmp
- %ProgramFiles(x86)%\download master\is-03tkp.tmp
- %ProgramFiles(x86)%\download master\is-7hrs7.tmp
- %ProgramFiles(x86)%\download master\sounds\is-7nvqb.tmp
- %ProgramFiles(x86)%\download master\is-bnpfj.tmp
- %ProgramFiles(x86)%\download master\is-8ucos.tmp
- %ProgramFiles(x86)%\download master\is-t86rj.tmp
- %ProgramFiles(x86)%\download master\skins\is-mqs4o.tmp
- %ProgramFiles(x86)%\download master\skins\is-s2jk2.tmp
- %ProgramFiles(x86)%\download master\skins\is-7ju86.tmp
- %ProgramFiles(x86)%\download master\skins\is-g4a6l.tmp
- %ProgramFiles(x86)%\download master\skins\is-ch7r0.tmp
- %ProgramFiles(x86)%\download master\skins\is-nr8l4.tmp
- %ProgramFiles(x86)%\download master\skins\is-20k90.tmp
- %ProgramFiles(x86)%\download master\skins\is-asjek.tmp
- %ProgramFiles(x86)%\download master\skins\is-12al6.tmp
- %ProgramFiles(x86)%\download master\skins\is-8j30i.tmp
- %ProgramFiles(x86)%\download master\skins\is-pdqrs.tmp
- %ProgramFiles(x86)%\download master\skins\is-a19gj.tmp
- %ProgramFiles(x86)%\download master\is-9l54j.tmp
- %APPDATA%\download master\is-8d16k.tmp
- %ProgramFiles(x86)%\download master\is-rjg43.tmp
- %ProgramFiles(x86)%\download master\is-1mn6r.tmp
- %ProgramFiles(x86)%\download master\is-01hee.tmp
- %ProgramFiles(x86)%\download master\is-q8l0i.tmp
- %HOMEPATH%\desktop\download master.lnk
- %ProgramFiles(x86)%\download master\is-d5039.tmp
- %ProgramFiles(x86)%\download master\is-vjvj1.tmp
- %TEMP%\is-7nvch.tmp\_isetup\_regdll.tmp
- %TEMP%\is-6ma44.tmp\dmaster.tmp
- %TEMP%\rarsfx0\dmaster.exe
- %TEMP%\rarsfx0\vista inspirat.skn
- %TEMP%\rarsfx0\sky.skn
- %TEMP%\rarsfx0\oskar.skn
- %TEMP%\rarsfx0\noia.skn
- %TEMP%\is-7nvch.tmp\_isetup\_setup64.tmp
- %TEMP%\rarsfx0\mediavista-r2.skn
- %TEMP%\rarsfx0\mediavista-g2.skn
- %TEMP%\rarsfx0\mediavista-g.skn
- %TEMP%\rarsfx0\mediavista-b2.skn
- %TEMP%\rarsfx0\mediavista-b.skn
- %TEMP%\rarsfx0\jds.skn
- %TEMP%\rarsfx0\icandy.skn
- %TEMP%\rarsfx0\settings.reg
- %TEMP%\rarsfx0\mediavista-r.skn
- %TEMP%\is-7nvch.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-7nvch.tmp\istask.dll
- %ProgramFiles(x86)%\download master\is-evijk.tmp
- %ProgramFiles(x86)%\download master\is-fdeo4.tmp
- %ProgramFiles(x86)%\download master\is-dcfbp.tmp
- %ProgramFiles(x86)%\download master\is-8kfuv.tmp
- %ProgramFiles(x86)%\download master\is-u11p2.tmp
- %ProgramFiles(x86)%\download master\is-2p0sa.tmp
- %ProgramFiles(x86)%\download master\is-ko4jk.tmp
- %ProgramFiles(x86)%\download master\is-c038b.tmp
- %ProgramFiles(x86)%\download master\is-aahjh.tmp
- %ProgramFiles(x86)%\download master\is-pm01d.tmp
- %ProgramFiles(x86)%\download master\is-agli1.tmp
- %ProgramFiles(x86)%\download master\is-qof67.tmp
- %ProgramFiles(x86)%\download master\is-jqhrn.tmp
- %ProgramFiles(x86)%\download master\is-2cnvl.tmp
- %ProgramFiles(x86)%\download master\is-vjsi9.tmp
- %ProgramFiles(x86)%\download master\is-87tqs.tmp
- %ProgramFiles(x86)%\download master\is-u22ur.tmp
- %ProgramFiles(x86)%\download master\is-fpdj9.tmp
- %ProgramFiles(x86)%\download master\is-k1vbs.tmp
- %ProgramFiles(x86)%\download master\unins000.dat
Удаляет следующие файлы
- %TEMP%\is-7nvch.tmp\istask.dll
- %TEMP%\rarsfx0\settings.reg
- %TEMP%\rarsfx0\oskar.skn
- %TEMP%\rarsfx0\noia.skn
- %TEMP%\rarsfx0\mediavista-r2.skn
- %TEMP%\rarsfx0\mediavista-r.skn
- %TEMP%\rarsfx0\mediavista-g2.skn
- %TEMP%\rarsfx0\mediavista-g.skn
- %TEMP%\rarsfx0\sky.skn
- %TEMP%\rarsfx0\mediavista-b2.skn
- %TEMP%\rarsfx0\jds.skn
- %TEMP%\rarsfx0\icandy.skn
- %TEMP%\rarsfx0\dmaster.ini
- %TEMP%\rarsfx0\dmaster.exe
- %TEMP%\is-7nvch.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-7nvch.tmp\_isetup\_setup64.tmp
- %TEMP%\is-7nvch.tmp\_isetup\_regdll.tmp
- %TEMP%\rarsfx0\mediavista-b.skn
- %TEMP%\rarsfx0\vista inspirat.skn
Перемещает следующие файлы
- %ProgramFiles(x86)%\download master\is-evijk.tmp в %ProgramFiles(x86)%\download master\unins000.exe
- %ProgramFiles(x86)%\download master\plugins\is-3nm5l.tmp в %ProgramFiles(x86)%\download master\plugins\advscheduler.chm
- %ProgramFiles(x86)%\download master\plugins\is-sn097.tmp в %ProgramFiles(x86)%\download master\plugins\advscheduler.dll
- %ProgramFiles(x86)%\download master\plugins\is-h2sn7.tmp в %ProgramFiles(x86)%\download master\plugins\trayindicator.lng
- %ProgramFiles(x86)%\download master\plugins\is-mf4ag.tmp в %ProgramFiles(x86)%\download master\plugins\trayindicator.dll
- %APPDATA%\download master\lists\is-9lhd4.tmp в %APPDATA%\download master\lists\trayindicator.ini
- %ProgramFiles(x86)%\download master\is-gdu5g.tmp в %ProgramFiles(x86)%\download master\dmie.dll
- %ProgramFiles(x86)%\download master\is-ukunn.tmp в %ProgramFiles(x86)%\download master\dmiehlp.dll
- %ProgramFiles(x86)%\download master\is-0pdbv.tmp в %ProgramFiles(x86)%\download master\dmaster-ff.xpi
- %ProgramFiles(x86)%\download master\is-bnpfj.tmp в %ProgramFiles(x86)%\download master\dmbar.dll
- %ProgramFiles(x86)%\download master\is-8ucos.tmp в %ProgramFiles(x86)%\download master\dmbar.xpi
- %ProgramFiles(x86)%\download master\is-t86rj.tmp в %ProgramFiles(x86)%\download master\dmie.htm
- %ProgramFiles(x86)%\download master\is-01hee.tmp в %ProgramFiles(x86)%\download master\dmieall.htm
- %ProgramFiles(x86)%\download master\is-rjg43.tmp в %ProgramFiles(x86)%\download master\npdm.dll
- %ProgramFiles(x86)%\download master\skins\is-s2jk2.tmp в %ProgramFiles(x86)%\download master\skins\sky.skn
- %APPDATA%\download master\is-8d16k.tmp в %APPDATA%\download master\nodelist.xml
- %ProgramFiles(x86)%\download master\is-9l54j.tmp в %ProgramFiles(x86)%\download master\nodelist.xml
- %ProgramFiles(x86)%\download master\skins\is-a19gj.tmp в %ProgramFiles(x86)%\download master\skins\icandy.skn
- %ProgramFiles(x86)%\download master\skins\is-pdqrs.tmp в %ProgramFiles(x86)%\download master\skins\jds.skn
- %ProgramFiles(x86)%\download master\skins\is-8j30i.tmp в %ProgramFiles(x86)%\download master\skins\mediavista-b.skn
- %ProgramFiles(x86)%\download master\skins\is-12al6.tmp в %ProgramFiles(x86)%\download master\skins\mediavista-b2.skn
- %ProgramFiles(x86)%\download master\skins\is-asjek.tmp в %ProgramFiles(x86)%\download master\skins\mediavista-g.skn
- %ProgramFiles(x86)%\download master\skins\is-20k90.tmp в %ProgramFiles(x86)%\download master\skins\mediavista-g2.skn
- %ProgramFiles(x86)%\download master\skins\is-nr8l4.tmp в %ProgramFiles(x86)%\download master\skins\mediavista-r.skn
- %ProgramFiles(x86)%\download master\skins\is-ch7r0.tmp в %ProgramFiles(x86)%\download master\skins\mediavista-r2.skn
- %ProgramFiles(x86)%\download master\skins\is-g4a6l.tmp в %ProgramFiles(x86)%\download master\skins\noia.skn
- %ProgramFiles(x86)%\download master\skins\is-7ju86.tmp в %ProgramFiles(x86)%\download master\skins\oskar.skn
- %ProgramFiles(x86)%\download master\sounds\is-48pb6.tmp в %ProgramFiles(x86)%\download master\sounds\error.wav
- %ProgramFiles(x86)%\download master\is-1mn6r.tmp в %ProgramFiles(x86)%\download master\dmmm.xpi
- %ProgramFiles(x86)%\download master\sounds\is-7nvqb.tmp в %ProgramFiles(x86)%\download master\sounds\done.wav
- %ProgramFiles(x86)%\download master\is-2p0sa.tmp в %ProgramFiles(x86)%\download master\goback.htm
- %ProgramFiles(x86)%\download master\is-fpdj9.tmp в %ProgramFiles(x86)%\download master\bugtype.cfg
- %ProgramFiles(x86)%\download master\is-u22ur.tmp в %ProgramFiles(x86)%\download master\bugtype_e.cfg
- %ProgramFiles(x86)%\download master\is-87tqs.tmp в %ProgramFiles(x86)%\download master\com.westbyte.downloadmaster.exe
- %ProgramFiles(x86)%\download master\is-vjsi9.tmp в %ProgramFiles(x86)%\download master\com.westbyte.downloadmaster.json
- %ProgramFiles(x86)%\download master\is-2cnvl.tmp в %ProgramFiles(x86)%\download master\dmaster.dat
- %ProgramFiles(x86)%\download master\is-jqhrn.tmp в %ProgramFiles(x86)%\download master\dmaster.exe
- %ProgramFiles(x86)%\download master\is-qof67.tmp в %ProgramFiles(x86)%\download master\dmaster1.dat
- %ProgramFiles(x86)%\download master\is-agli1.tmp в %ProgramFiles(x86)%\download master\dmaster2.dat
- %ProgramFiles(x86)%\download master\is-pm01d.tmp в %ProgramFiles(x86)%\download master\dmaster3.dat
- %ProgramFiles(x86)%\download master\is-aahjh.tmp в %ProgramFiles(x86)%\download master\dmaster4.dat
- %ProgramFiles(x86)%\download master\is-c038b.tmp в %ProgramFiles(x86)%\download master\dm_rus.chm
- %ProgramFiles(x86)%\download master\is-ko4jk.tmp в %ProgramFiles(x86)%\download master\flvplayer.swf
- %ProgramFiles(x86)%\download master\is-u11p2.tmp в %ProgramFiles(x86)%\download master\hintf.bmp
- %ProgramFiles(x86)%\download master\sounds\is-9e73f.tmp в %ProgramFiles(x86)%\download master\sounds\add.wav
- %ProgramFiles(x86)%\download master\is-8kfuv.tmp в %ProgramFiles(x86)%\download master\html.htm
- %ProgramFiles(x86)%\download master\is-dcfbp.tmp в %ProgramFiles(x86)%\download master\lvcolors.cfg
- %ProgramFiles(x86)%\download master\is-fdeo4.tmp в %ProgramFiles(x86)%\download master\other_str.txt
- %ProgramFiles(x86)%\download master\is-vjvj1.tmp в %ProgramFiles(x86)%\download master\playflv.html
- %ProgramFiles(x86)%\download master\is-k1vbs.tmp в %ProgramFiles(x86)%\download master\playflvimg.jpg
- %ProgramFiles(x86)%\download master\is-d5039.tmp в %ProgramFiles(x86)%\download master\referers.txt
- %ProgramFiles(x86)%\download master\is-q8l0i.tmp в %ProgramFiles(x86)%\download master\swfobject.js
- %ProgramFiles(x86)%\download master\is-7hrs7.tmp в %ProgramFiles(x86)%\download master\typeconn.cfg
- %ProgramFiles(x86)%\download master\is-03tkp.tmp в %ProgramFiles(x86)%\download master\unrar.dll
- %ProgramFiles(x86)%\download master\is-r8bmr.tmp в %ProgramFiles(x86)%\download master\unzip32.dll
- %ProgramFiles(x86)%\download master\plugins\is-50k5c.tmp в %ProgramFiles(x86)%\download master\plugins\videoserv.dll
- %ProgramFiles(x86)%\download master\skins\is-agh3b.tmp в %ProgramFiles(x86)%\download master\skins\standard.skn
- %ProgramFiles(x86)%\download master\sounds\is-8rnn7.tmp в %ProgramFiles(x86)%\download master\sounds\alldone.wav
- %ProgramFiles(x86)%\download master\skins\is-mqs4o.tmp в %ProgramFiles(x86)%\download master\skins\vista inspirat.skn
Другое
Ищет следующие окна
- ClassName: 'RegEdit_RegEdit' WindowName: ''
Создает и запускает на исполнение
- '%TEMP%\rarsfx0\dmaster.exe' /VERYSILENT /NORESTART /LOADINF="dmaster.ini"
- '%TEMP%\is-6ma44.tmp\dmaster.tmp' /SL5="$E0126,5605124,76288,%TEMP%\RarSFX0\dmaster.exe" /VERYSILENT /NORESTART /LOADINF="dmaster.ini"
Запускает на исполнение
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Download Master\dmie.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Download Master\dmiehlp.dll"
- '%WINDIR%\syswow64\regedit.exe' /s "%TEMP%\RarSFX0\settings.reg"
