Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'conhot.exe' = '<SYSTEM32>\conhot.exe'
- '<SYSTEM32>\conhot.exe'
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\info_48[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\3U23MFC9\httpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\bullet[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\background_gradient[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\navcancl[1]
- <SYSTEM32>\conhot.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\errorPageStrings[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\ErrorPageTemplate[1]
- <SYSTEM32>\conhot.exe
- DNS ASK lg#.yy.com
- DNS ASK hi.##idu.com
- DNS ASK www.yy.com
- DNS ASK 7m####.##m1.z0.glb.clouddn.com
- DNS ASK aq.#y.com
- DNS ASK dn#.##ftncsi.com
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''