Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\yhu-oikm] 'Start' = '00000002'
- <SYSTEM32>\dllcache\beep.sys файлом <SYSTEM32>\dllcache\beep.sys.new
- <DRIVERS>\beep.sys файлом %TEMP%\OUPWJUIF
- '%PROGRAM_FILES%\logoni.exe'
- %TEMP%\LSRIXGCA.tmp
- %TEMP%\OUPWJUIF
- %PROGRAM_FILES%\logoni.exe
- <DRIVERS>\beep.sys
- %TEMP%\OYGALCJR в <DRIVERS>\beep.sys
- <DRIVERS>\beep.sys в %TEMP%\OYGALCJR
- %TEMP%\LSRIXGCA.tmp в %PROGRAM_FILES%\logoni.exe
- '77###.rhelper.com':8100
- DNS ASK 77###.rhelper.com