Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\netgod] 'Start' = '00000002'
- %PROGRAM_FILES%\Rainlendar\ZCRainlendar.exe
- %PROGRAM_FILES%\Rainlendar\WINRainlendar.exe
- %PROGRAM_FILES%\Rainlendar\Rainlendar.exe
- C:\11ФВ26ИХ.EXE
- C:\Б¬µгЖч.exe
- %PROGRAM_FILES%\Rainlendar\Windows_NT_ck.EXE
- %PROGRAM_FILES%\Rainlendar\Rainlendar.exenet
- %PROGRAM_FILES%\Rainlendar\WINRainlendar.exe
- %PROGRAM_FILES%\Rainlendar\ZCRainlendar.exe
- %PROGRAM_FILES%\Rainlendar\Rainlendar.ldb
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\ip[1].txt
- %PROGRAM_FILES%\Rainlendar\js
- %PROGRAM_FILES%\Rainlendar\Rainlendar.exe_b
- %PROGRAM_FILES%\Rainlendar\Rainlendar.exe
- %WINDIR%\kzb
- C:\Б¬µгЖч.exe
- C:\11ФВ26ИХ.EXE
- %WINDIR%\win32.btl
- %PROGRAM_FILES%\Rainlendar\Rainlendar.chm
- %PROGRAM_FILES%\Rainlendar\Windows_NT_ck.EXE
- %PROGRAM_FILES%\Rainlendar\WIN_cke.txt
- %PROGRAM_FILES%\Rainlendar\ZCRainlendar.exe
- %PROGRAM_FILES%\Rainlendar\Rainlendar.ldb
- %PROGRAM_FILES%\Rainlendar\js
- %WINDIR%\kzb
- %PROGRAM_FILES%\Rainlendar\WIN_cke.txt
- C:\11ФВ26ИХ.EXE
- 'yo##6.com':80
- 'localhost':1036
- yo##6.com/kfkfkf36/ididid36/80184/ip.txt
- DNS ASK yo##6.com
- ClassName: 'ComboBoxEx32' WindowName: ''
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: 'netjs'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'JOLA V1.0' WindowName: ''
- ClassName: 'WorkerW' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''