Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Updater' = '%APPDATA%\msusm1.exe'
- %APPDATA%\scvhost1.exe
- %TEMP%\aut1.tmp
- %APPDATA%\msusm1.exe
- %TEMP%\aut1.tmp
- 'ne#.##wnload-up.net':80
- ne#.##wnload-up.net/1.php
- DNS ASK ne#.##wnload-up.net
- ClassName: 'Shell_TrayWnd' WindowName: ''