Техническая информация
- %TEMP%\nsv2.tmp\ns3.tmp taskkill /f /im sgav.exe
- %ALLUSERSPROFILE%\Application Data\nol\sgav.exe
- %ALLUSERSPROFILE%\Application Data\nol\sgav.exe (загружен из сети Интернет)
- <SYSTEM32>\taskkill.exe /f /im sgav.exe (принудительное завершение процесса sgav.exe по имени образа)
- %TEMP%\nsv2.tmp\nsExec.dll
- %ALLUSERSPROFILE%\Application Data\nol\sgav.exe
- %ALLUSERSPROFILE%\Application Data\nol\NALi.exe
- %TEMP%\nsv2.tmp\ns3.tmp
- %TEMP%\nsv2.tmp\UAC.dll
- <DRIVERS>\etc\h1
- %TEMP%\nsv2.tmp\NSISdl.dll
- %TEMP%\nsv2.tmp\exdll.dll
- %TEMP%\nsv2.tmp\ns3.tmp
- <DRIVERS>\etc\hosts (системный файл hosts; на затронутой машине стоит проверить его содержимое на посторонние записи)
- 'np#.####el-antivirus.com':80
- np#.####el-antivirus.com/P455C640F7510A91019728=/NALi.exe
- np#.####el-antivirus.com/P455C640F7510A91019728=/sgav.ttt
- DNS ASK np#.####el-antivirus.com
- ClassName: '' WindowName: ''