Техническая информация
- '%APPDATA%\Roaming\setup.exe'
- '%TEMP%\nscE08F.tmp\ns147B.tmp' %APPDATA%\Roaming\setup.exe
- '%APPDATA%\Roaming\setup.exe' (загружен из сети Интернет)
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- %APPDATA%\Roaming\setup.exe
- %TEMP%\nscE08F.tmp\nsExec.dll
- %TEMP%\nscE08F.tmp\ns147B.tmp
- %TEMP%\nscE08F.tmp\modern-header.bmp
- %TEMP%\nscE08F.tmp\inetc.dll
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\driver_updater_setup[1].com
- %TEMP%\nscE08F.tmp\modern-header.bmp
- %TEMP%\nscE08F.tmp\nsExec.dll
- %TEMP%\nscE08F.tmp\ns147B.tmp
- %TEMP%\nscE08F.tmp\inetc.dll
- 'yo####staller.com':80
- DNS ASK yo####staller.com
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: '#32770' WindowName: '(null)'