Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\qmgrxp.exe,'
- <SYSTEM32>\dllcache\beep.sys файлом <SYSTEM32>\dllcache\beep.sys.new
- <DRIVERS>\beep.sys файлом %TEMP%\beep.sys
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\qmgrxp.exe
- <SYSTEM32>\packet64.dll
- %TEMP%\beep.sys
- <DRIVERS>\beep.sys.new в <DRIVERS>\beep.sys
- 'tm###.#kypetm.com.tw':8080
- 'tm###.#kypetm.com.tw':443
- '11#.#0.240.52':8080
- '11#.#0.240.52':443
- DNS ASK tm###.#kypetm.com.tw