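Technical Information
The entries below are the artifacts recorded for this sample: a Startup-folder shortcut, files under %APPDATA%\codeintegrity\ and <LS_APPDATA>\netsupport\, DNS lookups, window class names, and launched processes. The file names (client32.exe, nsm.ini, nsm.lic, the pci*.dll set) and the "netsupport manager" path match the NetSupport Manager remote-administration client, here placed in a user-writable directory apparently named to resemble a Windows component. Several paths are listed twice; the sub-headings that distinguished the groups are not preserved in this copy.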
- %APPDATA%\microsoft\windows\start menu\programs\startup\desktop.ini.lnk
- Handler for all processes: %APPDATA%\CodeIntegrity\WinSupport\pcihooks.DLL
- %APPDATA%\codeintegrity\winsupport.exe
- %APPDATA%\codeintegrity\winsupport\nspscr.sys
- %APPDATA%\codeintegrity\winsupport\nstoast.exe
- %APPDATA%\codeintegrity\winsupport\pcicapi.dll
- %APPDATA%\codeintegrity\winsupport\pcicfgui.exe
- %APPDATA%\codeintegrity\winsupport\pcichek.dll
- %APPDATA%\codeintegrity\winsupport\pcicl32.dll
- %APPDATA%\codeintegrity\winsupport\pciconn.exe
- %APPDATA%\codeintegrity\winsupport\pcigina.dll
- %APPDATA%\codeintegrity\winsupport\pcihooks.dll
- %APPDATA%\codeintegrity\winsupport\pciinv.dll
- %APPDATA%\codeintegrity\winsupport\nsmexec.exe
- %APPDATA%\codeintegrity\winsupport\nspscr.inf
- %APPDATA%\codeintegrity\winsupport\pcimon.dll
- %APPDATA%\codeintegrity\winsupport\pcisys.sys
- %APPDATA%\codeintegrity\winsupport\pcivdd.dll
- %APPDATA%\codeintegrity\winsupport\pscrinst.dll
- %APPDATA%\codeintegrity\winsupport\remcmdstub.exe
- %APPDATA%\codeintegrity\winsupport\shfolder.dll
- %APPDATA%\codeintegrity\winsupport\tcbr32.dll
- %APPDATA%\codeintegrity\winsupport\tcctl32.dll
- %APPDATA%\codeintegrity\winsupport\volumecontrolwxp.dll
- %APPDATA%\codeintegrity\winsupport\wdfcoinstaller01005.dll
- <LS_APPDATA>\netsupport\netsupport manager\iadhrbu_hf.bin
- %APPDATA%\codeintegrity\winsupport\pcimonhook.dll
- %APPDATA%\codeintegrity\winsupport\pcimsg.dll
- %APPDATA%\codeintegrity\winsupport\nsm.lic
- %APPDATA%\codeintegrity\winsupport\nsm.ini
- %APPDATA%\codeintegrity\winsupport\nskbfltr.sys
- %APPDATA%\codeintegrity\winsupport\clhook4.dll
- %APPDATA%\codeintegrity\winsupport\client32.exe
- %APPDATA%\codeintegrity\winsupport\client32.ini
- %APPDATA%\codeintegrity\winsupport\control.kbd
- %APPDATA%\codeintegrity\winsupport\cryptpak.dll
- %APPDATA%\codeintegrity\winsupport\dbi.exe
- %APPDATA%\codeintegrity\winsupport\gdihook5.dll
- %APPDATA%\codeintegrity\winsupport\gdihook5.inf
- %APPDATA%\codeintegrity\winsupport\gdihook5.sys
- %APPDATA%\codeintegrity\winsupport\htctl32.dll
- %APPDATA%\codeintegrity\winsupport\ipbr32.dll
- %APPDATA%\codeintegrity\winsupport\audiocapture.dll
- %APPDATA%\codeintegrity\winsupport\ipctl32.dll
- %APPDATA%\codeintegrity\winsupport\nbbr32.dll
- %APPDATA%\codeintegrity\winsupport\nbctl32.dll
- %APPDATA%\codeintegrity\winsupport\nbctla0.dll
- %APPDATA%\codeintegrity\winsupport\nbctla1.dll
- %APPDATA%\codeintegrity\winsupport\nbctla2.dll
- %APPDATA%\codeintegrity\winsupport\nbctla3.dll
- %APPDATA%\codeintegrity\winsupport\nbctla4.dll
- %APPDATA%\codeintegrity\winsupport\nbctla5.dll
- %APPDATA%\codeintegrity\winsupport\nbctla6.dll
- %APPDATA%\codeintegrity\winsupport\nbctla7.dll
- %APPDATA%\codeintegrity\winsupport\nskbfltr.inf
- %APPDATA%\codeintegrity\winsupport\msvcr100.dll
- <LS_APPDATA>\netsupport\netsupport manager\iadhrbu_sw.bin
- <LS_APPDATA>\netsupport\netsupport manager\iadhrbu_hw.bin
- %APPDATA%\codeintegrity\winsupport\audiocapture.dll
- %APPDATA%\codeintegrity\winsupport\nspscr.inf
- %APPDATA%\codeintegrity\winsupport\nspscr.sys
- %APPDATA%\codeintegrity\winsupport\nstoast.exe
- %APPDATA%\codeintegrity\winsupport\pcicapi.dll
- %APPDATA%\codeintegrity\winsupport\pcicfgui.exe
- %APPDATA%\codeintegrity\winsupport\pcichek.dll
- %APPDATA%\codeintegrity\winsupport\pcicl32.dll
- %APPDATA%\codeintegrity\winsupport\pciconn.exe
- %APPDATA%\codeintegrity\winsupport\pcigina.dll
- %APPDATA%\codeintegrity\winsupport\nsm.lic
- %APPDATA%\codeintegrity\winsupport\nsmexec.exe
- %APPDATA%\codeintegrity\winsupport\pcihooks.dll
- %APPDATA%\codeintegrity\winsupport\pcimonhook.dll
- %APPDATA%\codeintegrity\winsupport\pcimsg.dll
- %APPDATA%\codeintegrity\winsupport\pcisys.sys
- %APPDATA%\codeintegrity\winsupport\pcivdd.dll
- %APPDATA%\codeintegrity\winsupport\pscrinst.dll
- %APPDATA%\codeintegrity\winsupport\remcmdstub.exe
- %APPDATA%\codeintegrity\winsupport\shfolder.dll
- %APPDATA%\codeintegrity\winsupport\tcbr32.dll
- %APPDATA%\codeintegrity\winsupport\tcctl32.dll
- %APPDATA%\codeintegrity\winsupport\pciinv.dll
- %APPDATA%\codeintegrity\winsupport\pcimon.dll
- %APPDATA%\codeintegrity\winsupport\nsm.ini
- %APPDATA%\codeintegrity\winsupport\nskbfltr.sys
- %APPDATA%\codeintegrity\winsupport\nskbfltr.inf
- %APPDATA%\codeintegrity\winsupport\client32.exe
- %APPDATA%\codeintegrity\winsupport\client32.ini
- %APPDATA%\codeintegrity\winsupport\control.kbd
- %APPDATA%\codeintegrity\winsupport\cryptpak.dll
- %APPDATA%\codeintegrity\winsupport\dbi.exe
- %APPDATA%\codeintegrity\winsupport\gdihook5.dll
- %APPDATA%\codeintegrity\winsupport\gdihook5.inf
- %APPDATA%\codeintegrity\winsupport\gdihook5.sys
- %APPDATA%\codeintegrity\winsupport\htctl32.dll
- %APPDATA%\codeintegrity\winsupport\ipbr32.dll
- %APPDATA%\codeintegrity\winsupport\clhook4.dll
- %APPDATA%\codeintegrity\winsupport\ipctl32.dll
- %APPDATA%\codeintegrity\winsupport\nbbr32.dll
- %APPDATA%\codeintegrity\winsupport\nbctl32.dll
- %APPDATA%\codeintegrity\winsupport\nbctla0.dll
- %APPDATA%\codeintegrity\winsupport\nbctla1.dll
- %APPDATA%\codeintegrity\winsupport\nbctla2.dll
- %APPDATA%\codeintegrity\winsupport\nbctla3.dll
- %APPDATA%\codeintegrity\winsupport\nbctla4.dll
- %APPDATA%\codeintegrity\winsupport\nbctla5.dll
- %APPDATA%\codeintegrity\winsupport\nbctla6.dll
- %APPDATA%\codeintegrity\winsupport\nbctla7.dll
- %APPDATA%\codeintegrity\winsupport\msvcr100.dll
- %APPDATA%\codeintegrity\winsupport\volumecontrolwxp.dll
- %APPDATA%\codeintegrity\winsupport\wdfcoinstaller01005.dll
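- DNS query (ASK): wi####.duckdns.org
- DNS query (ASK): ge#.####upportsoftware.com
  (The "#" characters are masking carried over from the source; the full host names are not given here.)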
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'NSMWClass' WindowName: ''
- ClassName: 'MPWClass' WindowName: ''
- '%APPDATA%\codeintegrity\winsupport.exe' -p984f634D
- '%APPDATA%\codeintegrity\winsupport\client32.exe'
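- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 2 "%APPDATA%\codeintegrity\winsuppo...
  (Command line truncated in the source. This rundll32 call to FirewallControlPanel.dll,ShowNotificationDialog is how Windows displays its firewall notification prompt, which suggests the program named in the truncated argument triggered a Windows Firewall alert for inbound connections.)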