Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Rssoss ggwsaues] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Rssoss ggwsaues] 'ImagePath' = '%ProgramFiles(x86)%\Kewygoq.exe'
- 'Rssoss ggwsaues' %ProgramFiles(x86)%\Kewygoq.exe
- %ProgramFiles(x86)%\kewygoq.exe
- %ProgramFiles(x86)%\kewygoq.exe
- из <Полный путь к файлу> в %WINDIR%\syswow64\496738.bak
- 'ss#.#kt-one.com':4753
- 'ss#.#kt-one.com':4753
- DNS ASK ss#.#kt-one.com
- '%ProgramFiles(x86)%\kewygoq.exe'
- '%ProgramFiles(x86)%\kewygoq.exe' Win7