Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\VolStart] 'Start' = '00000002'
- %WINDIR%\MSUpdate.exe
- <DRIVERS>\svchost.exe
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\ntsvc.ocx /s
- <DRIVERS>\svchost.exe
- %WINDIR%\MSUpdate.exe
- <SYSTEM32>\ntsvc.ocx
- <DRIVERS>\etc\hosts.bak
- <DRIVERS>\etc\hosts.bak
- 'mi#######.update.serveftp.net':80
- mi#######.update.serveftp.net/rsetup.exe
- DNS ASK mi#######.update.serveftp.net