Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{21E919BE-83C0-B8FB-0102-030700020503}] 'StubPath' = '<SYSTEM32>\updatei.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\resdr32] 'Start' = '00000001'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\updatei.exe
- %APPDATA%\resdr32.sys
- %APPDATA%\resdr32.sys в <DRIVERS>\resdr32.sys
- 'cr####ile.kmip.net':800
- 'pl#####rko.meibu.com':800
- DNS ASK cr####ile.kmip.net
- DNS ASK pl#####rko.meibu.com