Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\dmssvc] 'Start' = '00000002'
- '<SYSTEM32>\cmd.exe' /c __del_2c1a0.bat
- '<SYSTEM32>\svchost.exe' -k dmssvc
- %ALLUSERSPROFILE%\DeviceMetadataStore\__del_2c1a0.bat
- %ALLUSERSPROFILE%\DeviceMetadataStore\dmseng.dll
- 'bi###.##endmicrosoft.co.in':443
- DNS ASK bi###.##endmicrosoft.co.in