Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Yabcde] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Yabcde] 'ImagePath' = '%ProgramFiles(x86)%\Google\Egsucqu.exe'
- %ProgramFiles(x86)%\google\egsucqu.exe
- '43.##7.66.54':8590
- '43.##7.66.54':8786
- '%ProgramFiles(x86)%\google\egsucqu.exe'
- '%ProgramFiles(x86)%\google\egsucqu.exe' Win7