Техническая информация
- <SYSTEM32>\sogou.exe
- <SYSTEM32>\wtb.exe
- %PROGRAM_FILES%\WinPOP\csrss.exe
- <SYSTEM32>\regsvr32.exe /s "%CommonProgramFiles%\PushWare\cpush.dll"
- %WINDIR%\regedit.exe /s <SYSTEM32>\winpop.reg
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1809' = '00000003'
- <SYSTEM32>\fzbcs.dll
- <SYSTEM32>\sogou.exe
- %CommonProgramFiles%\PushWare\cpush.dll
- <SYSTEM32>\wtb.exe
- <SYSTEM32>\winpop.reg
- %PROGRAM_FILES%\WinPOP\csrss.exe
- %PROGRAM_FILES%\WinPOP\WinPOP_Error_Log.txt
- <SYSTEM32>\wtb.exe
- 'po#.#zmax.com':80
- DNS ASK po#.#zmax.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''