Техническая информация
- Автозапуск через раздел реестра Run: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'advanceddefender' = '%ProgramFiles%\Advanced Defender\advanceddefender.exe'
- Диспетчер задач (Taskmgr)
- Центр обеспечения безопасности (Security Center)
- '%ProgramFiles%\Advanced Defender\advanceddefender.exe'
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\tempfile2.bat
- %WINDIR%\certofsystem.exe
- %WINDIR%\secureit.com
- %WINDIR%\spoos.exe
- %WINDIR%\explorers.exe
- %ProgramFiles%\Advanced Defender\queue.wdb
- %WINDIR%\regp.exe
- %WINDIR%\microsoftdefend.dll
- %ProgramFiles%\Advanced Defender\conf.wcf
- %WINDIR%\tempfile2.bat
- %ProgramFiles%\Advanced Defender\advanceddefender.exe
- %ALLUSERSPROFILE%\Microsoft PData\track.wid
- %HOMEPATH%\Desktop\Advanced Defender.lnk
- %ProgramFiles%\Advanced Defender\baseadd.wdb
- %ProgramFiles%\Advanced Defender\base.wdb
- %HOMEPATH%\Start Menu\Programs\Advanced Defender\Advanced Defender.lnk
- 'go###def.com':80 (символы # здесь и в строках ниже, по-видимому, скрывают часть имени узла в исходном описании)
- http://go###def.com/install/?tr############
- DNS ASK go###def.com
- ClassName: '' WindowName: 'Program Manager'
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Advanced Defender'