Техническая информация
- [<HKLM>\SYSTEM\ControlSet002\Services\teeyhj] 'start' = '00000002'
- [<HKLM>\SYSTEM\CONTROLSET003\Services\teeyhj\Parameters] 'ServiceDll' = '<SYSTEM32>\ddxsqt.dll'
- [<HKLM>\SYSTEM\CONTROLSET003\Services\teeyhj] 'start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\teeyhj\Parameters] 'ServiceDll' = '<SYSTEM32>\ddxsqt.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\teeyhj] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\teeyhj] 'ImagePath' = '<SYSTEM32>\svchost.exe -k teeyhj'
- [<HKLM>\SYSTEM\ControlSet001\Services\teeyhj\Parameters] 'ServiceDll' = '<SYSTEM32>\ddxsqt.dll'
- '<SYSTEM32>\svchost.exe' -k teeyhj
- <SYSTEM32>\ddxsqt.dll
- <SYSTEM32>\00056768.inf
- %TEMP%\80EB2F5C
- '<L####NET>.0.143':80
- http://19#.#68.0.143/20171201/075543/198187.jsp via <L####NET>.0.143
- http://19#.#68.0.143/20171201/075556/210968.jsp via <L####NET>.0.143
- http://19#.#68.0.143/20171201/075609/223890.jsp via <L####NET>.0.143
- http://19#.#68.0.143/20171201/075504/159031.jsp via <L####NET>.0.143
- http://19#.#68.0.143/20171201/075517/171937.jsp via <L####NET>.0.143
- http://19#.#68.0.143/20171201/075530/185109.jsp via <L####NET>.0.143