Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\13436\userinit.exe,'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] 'StubPath' = ''
- <SYSTEM32>\10153\systemp.exe
- <SYSTEM32>\10134\svchost.exe
- <SYSTEM32>\13436\userinit.exe
- <SYSTEM32>\shmgrate.exe OCInstallUserConfigOE
- %WINDIR%\inf\unregmp2.exe /ShowWMP
- <SYSTEM32>\userinit.exe
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
- %HOMEPATH%\Start Menu\Programs\Windows Media Player.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\lehaos.site50[1]
- %HOMEPATH%\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk
- <SYSTEM32>\13436\userinit.exe
- <SYSTEM32>\10134\svchost.exe
- <SYSTEM32>\10153\systemp.exe
- 'le####.site50.net':80
- le####.site50.net/
- DNS ASK le####.site50.net