Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft' = '"C:\Client.exe" '
- %TEMP%\is-0B935.tmp\is-P2RTT.tmp /SL4 $60036 "%TEMP%\jpwb69yh.exe" 1385749 50688
- C:\Client.exe
- %TEMP%\jpwb69yh.exe
- 360tray.exe
- %TEMP%\is-KIH8J.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-KIH8J.tmp\sobar.bmp
- C:\IsFive
- %TEMP%\is-KIH8J.tmp\_isetup\_RegDLL.tmp
- %TEMP%\jpwb69yh.exe
- C:\Client.exe
- %TEMP%\is-0B935.tmp\is-P2RTT.tmp
- DNS ASK wo##s.cn
- 'wo##s.cn':19001
- ClassName: 'Shell_TrayWnd' WindowName: ''