Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Services\OpenVPNService] 'ImagePath' = '"%ProgramFiles%\OpenVPN\bin\openvpnserv.exe"'
- %TEMP%\nst2.tmp\UserInfo.dll
- %TEMP%\nsa7.tmp\nsExec.dll
- %ProgramFiles%\TAP-Windows\icon.ico
- %ProgramFiles%\TAP-Windows\license.txt
- %ALLUSERSPROFILE%\Start Menu\Programs\TAP-Windows\Utilities\Delete ALL TAP virtual ethernet adapters.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\TAP-Windows\Utilities\Add a new TAP virtual ethernet adapter.lnk
- %ProgramFiles%\TAP-Windows\bin\deltapall.bat
- %TEMP%\nsa7.tmp\ns8.tmp
- %ProgramFiles%\TAP-Windows\bin\addtap.bat
- %ProgramFiles%\TAP-Windows\driver\tap0901.cat
- %ProgramFiles%\TAP-Windows\driver\OemWin2k.inf
- %ProgramFiles%\TAP-Windows\bin\devcon.exe
- %TEMP%\nsa7.tmp\System.dll
- %TEMP%\nsa7.tmp\UserInfo.dll
- %TEMP%\nst2.tmp\ns5.tmp
- %ProgramFiles%\TAP-Windows\driver\tap0901.sys
- %TEMP%\nsa7.tmp\ns9.tmp
- %TEMP%\CabA.tmp
- %TEMP%\CabC.tmp
- %TEMP%\Cab2C.tmp
- %TEMP%\Cab2A.tmp
- %TEMP%\Cab28.tmp
- %TEMP%\Cab26.tmp
- %TEMP%\Cab24.tmp
- %TEMP%\Cab22.tmp
- %TEMP%\Cab20.tmp
- %TEMP%\Cab1E.tmp
- %TEMP%\Cab1A.tmp
- %TEMP%\Cab18.tmp
- %TEMP%\Cab16.tmp
- %TEMP%\Cab14.tmp
- %TEMP%\Cab12.tmp
- %TEMP%\Cab10.tmp
- %TEMP%\CabE.tmp
- %TEMP%\tap-windows.exe
- %TEMP%\Cab2E.tmp
- %TEMP%\nst2.tmp\ns4.tmp
- %ALLUSERSPROFILE%\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN log file directory.lnk
- %ProgramFiles%\OpenVPN\config\Privacy-Australia.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-France.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Spain.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Germany.ovpn
- %ProgramFiles%\OpenVPN\bin\openvpnserv.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Manual Page.lnk
- %ProgramFiles%\OpenVPN\config\Privacy-Czech.ovpn
- %ProgramFiles%\OpenVPN\doc\openvpn.8.html
- %TEMP%\nst2.tmp\ns3.tmp
- %TEMP%\nst2.tmp\nsExec.dll
- %TEMP%\nst2.tmp\nsProcess.dll
- %TEMP%\nst2.tmp\modern-wizard.bmp
- %TEMP%\nst2.tmp\modern-header.bmp
- %TEMP%\nst2.tmp\System.dll
- %ProgramFiles%\OpenVPN\bin\openvpn.exe
- %ProgramFiles%\OpenVPN\config\Privacy-Norway.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Japan.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Canada.ovpn
- %ProgramFiles%\OpenVPN\log\README.txt
- %ProgramFiles%\OpenVPN\config\README.txt
- %ProgramFiles%\OpenVPN\config\TV-USA-Central.ovpn
- %ProgramFiles%\OpenVPN\config\TV-USA-East.ovpn
- %ProgramFiles%\OpenVPN\config\TV-USA-West.ovpn
- %ProgramFiles%\OpenVPN\config\TV-UK.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Switzerland.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Romania.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Brazil.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Luxembourg.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Estonia.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Ukraine.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Russia.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Netherlands.ovpn
- %ProgramFiles%\OpenVPN\config\Privacy-Lithuania.ovpn
- %ALLUSERSPROFILE%\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN configuration file directory.lnk
- %TEMP%\Cab30.tmp
- %TEMP%\nst2.tmp\ns3.tmp
- %TEMP%\Cab2C.tmp
- %TEMP%\Cab2A.tmp
- %TEMP%\Cab28.tmp
- %TEMP%\Cab26.tmp
- %TEMP%\Cab24.tmp
- %TEMP%\Cab22.tmp
- %TEMP%\Cab20.tmp
- %TEMP%\Cab1E.tmp
- %TEMP%\Cab1A.tmp
- %TEMP%\Cab18.tmp
- %TEMP%\Cab16.tmp
- %TEMP%\Cab14.tmp
- %TEMP%\Cab12.tmp
- %TEMP%\Cab10.tmp
- %TEMP%\CabE.tmp
- %TEMP%\CabC.tmp
- %TEMP%\CabA.tmp
- %TEMP%\nsa7.tmp\ns8.tmp
- %TEMP%\nst2.tmp\ns4.tmp
- %TEMP%\Cab2E.tmp
- %TEMP%\Cab30.tmp
- 'wp#d':80
- 'download.windowsupdate.com':80
- 'ca#####.digicert.com':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt via download.windowsupdate.com
- http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab via download.windowsupdate.com
- http://ca#####.digicert.com/DigiCertAssuredIDRootCA.crt
- DNS ASK wp#d
- DNS ASK www.download.windowsupdate.com
- DNS ASK ca#####.digicert.com
- ClassName: '#32770' WindowName: ''
- ClassName: 'OpenVPN-GUI' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- '%TEMP%\nst2.tmp\ns3.tmp' "%ProgramFiles%\OpenVPN\bin\openvpnserv.exe" -remove
- '%TEMP%\nst2.tmp\ns4.tmp' "%ProgramFiles%\OpenVPN\bin\openvpnserv.exe" -install
- '%ProgramFiles%\OpenVPN\bin\openvpnserv.exe' -install
- '%TEMP%\nst2.tmp\ns5.tmp' "%TEMP%\tap-windows.exe" /S /SELECT_UTILITIES=1
- '%TEMP%\tap-windows.exe' /S /SELECT_UTILITIES=1
- '%TEMP%\nsa7.tmp\ns8.tmp' "%ProgramFiles%\TAP-Windows\bin\devcon.exe" hwids tap0901
- '%ProgramFiles%\TAP-Windows\bin\devcon.exe' hwids tap0901
- '%TEMP%\nsa7.tmp\ns9.tmp' "%ProgramFiles%\TAP-Windows\bin\devcon.exe" install "%ProgramFiles%\TAP-Windows\driver\OemWin2k.inf" tap0901
- '%ProgramFiles%\TAP-Windows\bin\devcon.exe' install "%ProgramFiles%\TAP-Windows\driver\OemWin2k.inf" tap0901