Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\UnlockerDriver5\] 'ImagePath' = '%TEMP%\RarSFX0\64-bit\UnlockerDriver5.sys'
- %HOMEPATH%\desktop\alert.htm
- %HOMEPATH%\desktop\adadsi.html
- %HOMEPATH%\desktop\64bit_notes.htm
- %TEMP%\rarsfx0\sfxinfo.txt
- %TEMP%\rarsfx0\32-bit\unlocker.exe
- %TEMP%\rarsfx0\64-bit\unlocker.exe
- %TEMP%\rarsfx0\32-bit\unlockerassistant.exe
- %TEMP%\rarsfx0\64-bit\unlockerinject32.exe
- %TEMP%\rarsfx0\32-bit\unlockerhook.dll
- %TEMP%\rarsfx0\32-bit\unlockerdriver5.sys
- %TEMP%\rarsfx0\64-bit\unlockerdriver5.sys
- %TEMP%\rarsfx0\64-bit\unlocker.cfg
- %TEMP%\rarsfx0\unlocker.ico
- %TEMP%\rarsfx0\vbsaccess.reg
- %TEMP%\rarsfx0\osarchitekturtest.vbs
- %WINDIR%\temp\udd6eb9.tmp
- %WINDIR%\temp\udd6eb9.tmp
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%WINDIR%\syswow64\wscript.exe' "%TEMP%\RarSFX0\OSArchitekturTest.vbs"
- '%TEMP%\rarsfx0\64-bit\unlocker.exe'
- '%WINDIR%\syswow64\regedit.exe' /s "VbsAccess.reg"