Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'windefender' = '%APPDATA%\Roaming\Install\windefender.exe'
- '%APPDATA%\Roaming\Install\windefender.exe'
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- %APPDATA%\Roaming\Install\windefender.exe
- %APPDATA%\Roaming\Install\ntfs.dat
- '22###dro.net':80
- DNS ASK 22###dro.net
- ClassName: 'Indicator' WindowName: '(null)'