Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Irmon] 'Start' = '00000002'
- '%APPDATA%\Microsoft\Windows\Activation\slui.exe'
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\Microsoft\Windows\Activation\slui.dll",PrepareDebugSymbolEx ::S\%APPDATA%\Microsoft\Windows\Activation\slui.exe
- %TEMP%\4.tmp
- %CommonProgramFiles%\Microsoft Shared\PROOF\MSOICONS.LEX
- %APPDATA%\Microsoft\Windows\Activation\slui.crc
- %APPDATA%\Microsoft\Windows\Activation\slui.dll
- %APPDATA%\Subversion\Safe Browsing Cookies-journal.cache
- %APPDATA%\Microsoft\CLR Security Config\securiy.cch
- %WINDIR%\ehome\ehiVidCtl.ttc
- %WINDIR%\Microsoft.NET\Config.xml
- <SYSTEM32>\GrooveResource.ds
- %TEMP%\2.tmp
- %APPDATA%\Hewlett-Packard Company\help.dat
- %TEMP%\1.tmp
- %APPDATA%\Microsoft\Windows\Activation\slui.exe
- %APPDATA%\Microsoft\Windows\Activation\slui.cfg
- <SYSTEM32>\PortableDeviceTypes.dll.cache
- %TEMP%\3.tmp
- %APPDATA%\Microsoft\Windows\Activation\slui.crc
- %APPDATA%\Microsoft\Windows\Activation\slui.exe
- %TEMP%\4.tmp
- %TEMP%\1.tmp
- %TEMP%\2.tmp
- %TEMP%\3.tmp