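Техническая информация
Примечание: заголовки подразделов в этой копии не сохранились. Судя по содержимому, ниже идут запись реестра (регистрация расширения Internet Explorer через параметр ClsidExtension), запускаемый системный процесс, пути к файлам и сетевая активность (подключения, HTTP-запросы, DNS-запрос). Повторное появление RDF3.tmp и RDF2.tmp, вероятно, относится к отдельному подразделу (например, об удаляемых файлах) — это предположение, по списку его проверить нельзя. Символы «#» в имени хоста и в URL — по-видимому, маскировка, сделанная источником, поэтому эти строки не годятся для поиска по точному совпадению.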
- [<HKLM>\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6671A433-5C3D-463d-A7CF-5587F9B7E191}] 'ClsidExtension' = '{6671A432-5C3D-463d-A7CF-5587F9B7E191}'
- <SYSTEM32>\rundll32.exe
- %TEMP%\RDF2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\clientStat[1].php
- %TEMP%\RDF3.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\caiXinStat[1].php
- <SYSTEM32>\stdup.dll
- <SYSTEM32>\std.ini
- %PROGRAM_FILES%\MMSAssist\MMSAssist.dll
- %PROGRAM_FILES%\MMSAssist\mms.ini
- %TEMP%\RDF3.tmp
- %TEMP%\RDF2.tmp
- 'www.li###eng100.com':80
- 'localhost':1038
- 'localhost':1036
- www.li###eng100.com/caiXinStat.php?pa############################################################################
- www.li###eng100.com/clientStat.php?pa############################################################################
- DNS ASK www.li###eng100.com