Техническая информация
Подзаголовки разделов в тексте отсутствуют; записи ниже сгруппированы по типу. Действие над перечисленными объектами (создание, удаление, поиск) на странице не указано.

Параметр реестра в ключе автозапуска Run:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'advanceddefender' = '%PROGRAM_FILES%\Advanced Defender\advanceddefender.exe'

Командные строки:
- '%PROGRAM_FILES%\Advanced Defender\advanceddefender.exe'
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\tempfile2.bat

Пути к файлам:
- %WINDIR%\certofsystem.exe
- %WINDIR%\secureit.com
- %WINDIR%\spoos.exe
- %WINDIR%\explorers.exe
- %PROGRAM_FILES%\Advanced Defender\queue.wdb
- %WINDIR%\regp.exe
- %WINDIR%\microsoftdefend.dll
- %PROGRAM_FILES%\Advanced Defender\conf.wcf
- %HOMEPATH%\Desktop\Advanced Defender.lnk
- %WINDIR%\tempfile2.bat
- %PROGRAM_FILES%\Advanced Defender\advanceddefender.exe
- %HOMEPATH%\Start Menu\Programs\Advanced Defender\Advanced Defender.lnk
- %ALLUSERSPROFILE%\Microsoft PData\track.wid
- %PROGRAM_FILES%\Advanced Defender\baseadd.wdb
- %PROGRAM_FILES%\Advanced Defender\base.wdb

Окна (имя класса и заголовок):
- ClassName: '(null)' WindowName: 'Program Manager'
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Advanced Defender'