Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\glujkm] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\issmuo] 'Start' = '00000002'
- '<SYSTEM32>\sc.exe' create glujkm type= kernel start= auto binpath= "%PROGRAM_FILES%\Uninstall Information\{2fc0ed8d-3ca2-4233-0094-241637b80c6c}\glujkm.bin"
- '<SYSTEM32>\sc.exe' create issmuo type= kernel binpath= "%PROGRAM_FILES%\Uninstall Information\{2fc0ed8d-3ca2-4233-0094-241637b80c6c}\issmuo.bin" start= auto
- %WINDIR%\Help\cq2517.hlp
- %WINDIR%\ime\kok8149
- %PROGRAM_FILES%\Uninstall Information\{2fc0ed8d-3ca2-4233-0094-241637b80c6c}\glujkm.bin
- %WINDIR%\system\su0506.drv
- %WINDIR%\repair\ns1038
- %TEMP%\1.tmp
- %WINDIR%\repair\chl5223
- %WINDIR%\Temp\{3cbbf84c-df02-4991-009b-52cf3cbdc05f}
- %PROGRAM_FILES%\Uninstall Information\{2fc0ed8d-3ca2-4233-0094-241637b80c6c}\issmuo.bin
- %PROGRAM_FILES%\Uninstall Information\{2fc0ed8d-3ca2-4233-0094-241637b80c6c}\glujkm.bin
- %WINDIR%\Temp\{3cbbf84c-df02-4991-009b-52cf3cbdc05f}
- %PROGRAM_FILES%\Uninstall Information\{2fc0ed8d-3ca2-4233-0094-241637b80c6c}\issmuo.bin
- %TEMP%\1.tmp
- 'rp##.21civ.com':80
- 'localhost':1037
- rp##.21civ.com/az.php?o=###################################################
- DNS ASK www.ba##u.com
- DNS ASK rp##.21civ.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''