Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\VolStart] 'Start' = '00000002'
- %WINDIR%\MSUpdate.exe
- <DRIVERS>\svchost.exe
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\ntsvc.ocx /s
- %WINDIR%\MSUpdate.exe
- <DRIVERS>\svchost.exe
- <SYSTEM32>\ntsvc.ocx
- 'mi#######.update.serveftp.net':80
- mi#######.update.serveftp.net/rsetup.exe
- DNS ASK mi#######.update.serveftp.net