Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\360seboxx] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- %WINDIR%\360sebox.exe
- %TEMP%\bin.exe
- %TEMP%\ztxunpu.exe
- %TEMP%\rouji.exe
- %TEMP%\bin.exe (загружен из сети Интернет)
- <SYSTEM32>\cmd.exe /c %WINDIR%\61642520.BAT
- <SYSTEM32>\wscript.exe "%TEMP%\zt.vbs"
- %TEMP%\WER98e7.dir00\360sebox.exe.mdmp
- %TEMP%\bin.exe
- %TEMP%\WER98e7.dir00\360sebox.exe.hdmp
- %TEMP%\WER98e7.dir00\manifest.txt
- %TEMP%\WER98e7.dir00\appcompat.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\zt[1].exe
- %TEMP%\zt.vbs
- %TEMP%\ztxunpu.exe
- %TEMP%\rouji.exe
- %WINDIR%\61642520.BAT
- %WINDIR%\360sebox.exe
- %WINDIR%\360sebox.exe
- %TEMP%\zt.vbs
- %TEMP%\rouji.exe
- %WINDIR%\360sebox.exe
- 'yp####5202.3322.org':8000
- 'do#####dering.9966.org':80
- 'localhost':1036
- do#####dering.9966.org/aspnet_client/zt.exe
- DNS ASK yp####5202.3322.org
- DNS ASK do#####dering.9966.org
- ClassName: 'Shell_TrayWnd' WindowName: ''