Техническая информация
- '%ALLUSERSPROFILE%\Application Data\gwr\wsav.exe'
- '%ALLUSERSPROFILE%\Application Data\gwr\wsav.exe' (загружен из сети Интернет)
- %TEMP%\nss2.tmp\NSISdl.dll
- %ALLUSERSPROFILE%\Application Data\gwr\wsav.exe
- %TEMP%\nss2.tmp\exdll.dll
- <DRIVERS>\etc\h1
- %TEMP%\nss2.tmp\UAC.dll
- <DRIVERS>\etc\hosts
- 'zp##.##een-av-pro.com':80
- zp##.##een-av-pro.com/P4450D40FB821AA1018FA3==/wsav.ttt
- DNS ASK zp##.##een-av-pro.com