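Техническая информация
Примечание: подзаголовки разделов в этом списке не сохранились. Записи с разделом реестра <HKLM> относятся к службе ydyuak: значение 'Start' = 2 означает автоматический запуск, 'ImagePath' указывает на svchost.exe -k ydyuak, а 'ServiceDll' — на <SYSTEM32>\ddxsqt.dll, то есть эта библиотека загружается в процесс svchost.exe при старте системы. Ниже, по-видимому, перечислены запускаемый процесс, затронутые файлы и сетевые обращения (порт 80, HTTP). Адреса приведены в замаскированном виде (символы '#'), поэтому при проверке журналов следует опираться на видимые части: окончание адреса и путь запроса.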
- [<HKLM>\SYSTEM\ControlSet002\Services\ydyuak] 'start' = '00000002'
- [<HKLM>\SYSTEM\CONTROLSET003\Services\ydyuak\Parameters] 'ServiceDll' = '<SYSTEM32>\ddxsqt.dll'
- [<HKLM>\SYSTEM\CONTROLSET003\Services\ydyuak] 'start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\ydyuak\Parameters] 'ServiceDll' = '<SYSTEM32>\ddxsqt.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\ydyuak] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ydyuak] 'ImagePath' = '<SYSTEM32>\svchost.exe -k ydyuak'
- [<HKLM>\SYSTEM\ControlSet001\Services\ydyuak\Parameters] 'ServiceDll' = '<SYSTEM32>\ddxsqt.dll'
- '<SYSTEM32>\svchost.exe' -k ydyuak
- <SYSTEM32>\ddxsqt.dll
- <SYSTEM32>\00042c30.inf
- %TEMP%\80EB2F5C
- '<L####NET>.0.234':80
- http://19#.#68.0.234/20171201/075625/223828.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075612/210921.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075650/248890.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075637/236250.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075559/198546.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075522/161234.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075504/143109.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075547/186093.jsp via <L####NET>.0.234
- http://19#.#68.0.234/20171201/075535/174031.jsp via <L####NET>.0.234