Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\qmgrxps.exe'
- <SYSTEM32>\dllcache\beep.sys файлом <SYSTEM32>\dllcache\beep.sys.new
- <DRIVERS>\beep.sys файлом %TEMP%\beep.sys
- %WINDIR%\Explorer.EXE
- %TEMP%\WinWMI.dll
- <DRIVERS>\beep.sys.new
- <SYSTEM32>\dllcache\beep.sys.new
- %TEMP%\beep.sys
- <SYSTEM32>\packet64.dll
- <SYSTEM32>\qmgrxps.exe
- 're##.##endmicro.org.tw':443
- DNS ASK re##.##endmicro.org.tw