Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\HTVService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\HTVService] 'ImagePath' = '%WINDIR%\HTVService.exe'
- %WINDIR%\HTVService.exe
- <SYSTEM32>\d3d9caps.dat
- <SYSTEM32>\d3d9caps.dat
- 'wp#d':80
- 'yu###ngauto.com':443
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK wp#d
- DNS ASK yu###ngauto.com
- '%WINDIR%\HTVService.exe'