Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Smadav Antivirus' = '%APPDATA%\Smadav\SMARTP.exe'
- <Drive name for removable media>:\antivirus\smadav pro antivirus.exe
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '<Current directory><File name>.exe' = '<Current directory><File na...
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\SmadavSMARTP.exe' = '%APPDATA%\SmadavSMARTP.exe:*:Enable...
- %APPDATA%\smadav\smartp.exe
- %APPDATA%\smadav\smadengine.dll
- DNS ASK pa###zsec.org
- '%APPDATA%\smadav\smartp.exe'
- '%APPDATA%\smadav\smartp.exe' ' (with hidden window)