Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ANIWZCSService' = '%PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\WZCSLDR.exe'
- '%CommonProgramFiles%\InstallShield\Engine\6\Intel 32\IKernel.exe' 32\IKernel.exe -Embedding
- '%CommonProgramFiles%\InstallShield\Engine\6\Intel 32\IKernel.exe' /REGSERVER
- '%TEMP%\pft3~tmp\Disk1\Setup.exe'
- '%CommonProgramFiles%\InstallShield\Engine\6\Intel 32\IKernel.exe' -RegServer
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\layo22cb.rra
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\data22ea.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\$WinMgmt.CFG
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.BTR
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING.VER
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setu2358.rra
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\data230a.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SYSTEM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SAM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SECURITY
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SOFTWARE
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\drivetable.txt
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP15\drivetable.txt
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\ComDb.Dat
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\domain.txt
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\ANIW2675.rra
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\AQCK2730.rra
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\ANIC25c9.rra
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\aIPH2607.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\RestorePointSize
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\wlan28d6.rra
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\odSu276f.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING2.MAP
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setu23d5.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING1.MAP
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setu2396.rra
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\WZCS251d.rra
- %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\Ctrl255b.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.DATA
- %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setup.ini
- %TEMP%\pft3~tmp\Disk1\layout.bin
- %TEMP%\IEC4.tmp
- %TEMP%\pft3~tmp\Disk1\Setup.ini
- %TEMP%\pft3~tmp\Disk1\Setup.inx
- %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\ctord661.rra
- %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\objed9db.rra
- %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\temp.000
- %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\cored5e4.rra
- %TEMP%\pft3~tmp\pftw1.pkg
- %TEMP%\pft3~tmp\Disk1\ikernel.ex_
- %TEMP%\ext2.tmp
- %TEMP%\plf1.tmp
- %TEMP%\pft3~tmp\Disk1\data2.cab
- %TEMP%\pft3~tmp\Disk1\Setup.exe
- %TEMP%\pft3~tmp\Disk1\data1.hdr
- %TEMP%\pft3~tmp\Disk1\data1.cab
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-18
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_.DEFAULT
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-2052111302-484763869-725345543-1003
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setue97b.rra
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\valuead3.rra
- %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\iuseda78.rra
- %CommonProgramFiles%\InstallShield\IScript\iscrde8e.rra
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\_IsRecc7.rra
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\rp.log
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\isrteb6f.rra
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\defaec1b.rra
- %TEMP%\pft3~tmp\Disk1\data2.cab
- %TEMP%\pft3~tmp\Disk1\ikernel.ex_
- %TEMP%\pft3~tmp\Disk1\data1.cab
- %TEMP%\pft3~tmp\Disk1\data1.hdr
- %TEMP%\pft3~tmp\Disk1\Setup.ini
- %TEMP%\pft3~tmp\Disk1\Setup.inx
- %TEMP%\pft3~tmp\Disk1\layout.bin
- %TEMP%\pft3~tmp\Disk1\Setup.exe
- %TEMP%\plf1.tmp
- %TEMP%\IEC4.tmp
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\_IsRes.dll
- %TEMP%\ext2.tmp
- %TEMP%\pft3~tmp\pftw1.pkg
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\value.shl
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setup.inx
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\default.pal
- %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\isrt.dll
- from %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setu23d5.rra to %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setup.inx
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\WZCS251d.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\Ctrl255b.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\CtrlSrv.exe
- from %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\data230a.rra to %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\data1.cab
- from %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setu2358.rra to %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setup.exe
- from %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setu2396.rra to %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\Setup.ini
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\AQCK2730.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\AQCKGen.dll
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\odSu276f.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\odSupp_M.dll
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\wlan28d6.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\wlanapi.dll
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\ANIC25c9.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\ANICtl.dll
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\aIPH2607.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\aIPH.dll
- from %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\ANIW2675.rra to %PROGRAM_FILES%\Alpha Networks\ANIWZCS Service\ANIWZCS.dll
- from %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\data22ea.rra to %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\data1.hdr
- from %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\objed9db.rra to %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\objectps.dll
- from %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\iuseda78.rra to %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\iuser.dll
- from %CommonProgramFiles%\InstallShield\IScript\iscrde8e.rra to %CommonProgramFiles%\InstallShield\IScript\iscript.dll
- from %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\temp.000 to %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\IKernel.exe
- from %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\cored5e4.rra to %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\corecomp.ini
- from %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\ctord661.rra to %CommonProgramFiles%\InstallShield\Engine\6\Intel 32\ctor.dll
- from %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\defaec1b.rra to %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\default.pal
- from %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\_IsRecc7.rra to %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\_IsRes.dll
- from %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\layo22cb.rra to %PROGRAM_FILES%\InstallShield Installation Information\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\layout.bin
- from %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setue97b.rra to %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\setup.inx
- from %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\valuead3.rra to %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\value.shl
- from %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\isrteb6f.rra to %TEMP%\{74FCFEA6-7447-4BDB-BFEC-FF195AA62A13}\isrt.dll
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'