Техническая информация
- %ALLUSERSPROFILE%\Application Data\gav\sgav.exe
- %ALLUSERSPROFILE%\Application Data\gav\sgav.exe (загружен из сети Интернет)
- <SYSTEM32>\taskkill.exe /f /im sgav.exe (команда принудительно завершает все процессы с именем образа sgav.exe)
- %TEMP%\nsg2.tmp\NSISdl.dll
- %ALLUSERSPROFILE%\Application Data\gav\sgav.exe
- %ALLUSERSPROFILE%\Application Data\gav\GAVBi.exe
- <DRIVERS>\etc\h1
- %TEMP%\nsg2.tmp\UAC.dll
- %TEMP%\nsg2.tmp\exdll.dll
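- <DRIVERS>\etc\hosts (системный файл hosts Windows; его записи используются при разрешении имён раньше обращения к DNS, поэтому при анализе содержимое файла стоит сверить с эталонным)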
- 'zp#.##een-av.com':80
- zp#.##een-av.com/P434A440FD910A71018073=/GAVBi.exe
- zp#.##een-av.com/P434A440FD910A71018073=/sgav.ttt
- DNS ASK zp#.##een-av.com (DNS-запрос на разрешение этого имени)
- ClassName: '' WindowName: ''