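Техническая информация
Обозначения в списке: %TEMP% и %ALLUSERSPROFILE% — переменные окружения Windows; <SYSTEM32> и <DRIVERS> — подстановки вместо системных каталогов; символы «#» в имени узла, по-видимому, скрывают часть доменного имени, поэтому в таком виде оно не годится для точного сопоставления индикаторов.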
- %TEMP%\nsd2.tmp\ns3.tmp taskkill /f /im sgav.exe
- %ALLUSERSPROFILE%\Application Data\nol\sgav.exe
- %ALLUSERSPROFILE%\Application Data\nol\sgav.exe (загружен из сети Интернет)
- <SYSTEM32>\taskkill.exe /f /im sgav.exe
- %TEMP%\nsd2.tmp\nsExec.dll
- %ALLUSERSPROFILE%\Application Data\nol\sgav.exe
- %ALLUSERSPROFILE%\Application Data\nol\NALi.exe
- %TEMP%\nsd2.tmp\ns3.tmp
- %TEMP%\nsd2.tmp\UAC.dll
- <DRIVERS>\etc\h1
- %TEMP%\nsd2.tmp\NSISdl.dll
- %TEMP%\nsd2.tmp\exdll.dll
- %TEMP%\nsd2.tmp\ns3.tmp
- <DRIVERS>\etc\hosts
- 'np#.#####l-antivirus-pro.com':80
- np#.#####l-antivirus-pro.com/P4C42A4104301AA1019865/NALi.exe
- np#.#####l-antivirus-pro.com/P4C42A4104301AA1019865/sgav.ttt
- DNS ASK np#.#####l-antivirus-pro.com
- ClassName: '' WindowName: ''