Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'ReferenceAssembliesw' = '%ALLUSERSPROFILE%\Reference Assemblies\ReferenceAssembliesw.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Ly' = '%APPDATA%\Uninstall Information\Ly.exe'
- Обновления системы (Windows Update)
- Центр обеспечения безопасности (Security Center)
- '<SYSTEM32>\winver.exe'
- <SYSTEM32>\winver.exe
- %ALLUSERSPROFILE%\Reference Assemblies\ReferenceAssembliesw.exe
- %APPDATA%\Uninstall Information\Ly.exe
- %APPDATA%\Uninstall Information\Ly.exe
- '51.##5.48.78':53
- '15#.#0.147.153':53
- '23.#4.5.133':53
- '10#.#1.164.218':53
- '45.##.117.118':53
- '52.##4.55.168':53
- '62.##3.203.55':53
- '18#.#65.200.156':53
- '13#.#55.78.223':53
- '13#.#55.73.90':53
- '45.##.28.232':53
- '87.##.175.85':53
- '5.#.49.12':53
- '10#.#38.186.189':53
- '18#.#33.72.100':53
- '96.##.175.167':53
- '14#.#38.157.53':53
- '45.##.99.180':53
- '45.#3.25.55':53
- '14#.#6.133.38':53
- '89.#8.27.34':53
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'SW' WindowName: ''
- ClassName: '#32770' WindowName: ''