Техническая информация
- %HOMEPATH%\Templates\WinProductKeyViewer_x64.exe
- %ProgramFiles%\Company\WinProductKeyViewer_x64\Uninstall.exe
- %ProgramFiles%\Company\WinProductKeyViewer_x64\Uninstall.ini
- %WINDIR%\Driver.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %WINDIR%\taskhost.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %WINDIR%\taskhost.exe в <SYSTEM32>\taskhost.exe
- '%WINDIR%\Driver.exe'
- '<SYSTEM32>\cmd.exe' /C rename "<SYSTEM32>\taskhost.exe" taskhostef.exe
- '<SYSTEM32>\cmd.exe' /C move "%WINDIR%\taskhost.exe" "<SYSTEM32>\taskhost.exe"
- '<SYSTEM32>\cmd.exe' /C takeown /A /F <SYSTEM32>\taskhost.exe
- '<SYSTEM32>\cmd.exe' /C icacls <SYSTEM32>\taskhost.exe /grant Administrateurs:F