Техническая информация
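- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Intel(R) Common Networking System' = '%APPDATA%\Intel Corporation\Intel(R) Common User Interface\8.1.1.7800\svchost.exe' (запись автозапуска при входе пользователя в систему; файл с именем svchost.exe расположен в %APPDATA%, а не в <SYSTEM32>, что характерно для маскировки под системный процесс)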
- ClassName: 'OLLYDBG', WindowName: '' (поиск окна с классом отладчика OllyDbg — проверка на наличие средств анализа)
- %LOCALAPPDATA%\tempsetup.exe
- %TEMP%\$inst\2.tmp
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7800\svchost.exe
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7800\server.zip
- %TEMP%\evb1f6.tmp
- %TEMP%\evb1d6.tmp
- %TEMP%\evb1.tmp
- %TEMP%\evbff63.tmp
- %TEMP%\evbfee5.tmp
- %TEMP%\evbfea5.tmp
- %TEMP%\evbfafb.tmp
- %TEMP%\evbf9d1.tmp
- %TEMP%\evbf888.tmp
- %TEMP%\evbf77d.tmp
- %TEMP%\evbee64.tmp
- <Текущая директория>\~aioc_crack_by_lhf.exe
- %TEMP%\$inst\temp_0.tmp
- %APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe
- <Текущая директория>\~aioc_crack_by_lhf.exe
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7800\svchost.exe
- %APPDATA%\microsoft\windows\8.1.7601.17587\svchost.exe
- %APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7800\server.zip
- %TEMP%\$inst\temp_0.tmp
- '%LOCALAPPDATA%\tempsetup.exe'
- '<Текущая директория>\~aioc_crack_by_lhf.exe'
- '%APPDATA%\intel corporation\intel(r) common user interface\8.1.1.7800\svchost.exe'
- '<SYSTEM32>\wisptis.exe' /ManualLaunch; (со скрытым окном)
- '<SYSTEM32>\wisptis.exe' /ManualLaunch;