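Техническая информация
Примечание: подписи разделов в этом списке, по-видимому, не сохранились, поэтому по странице нельзя определить, какое действие выполняется с каждым объектом (например, читаются или изменяются перечисленные ключи реестра мессенджеров). Символы «#» в доменах и IP-адресах — маскировка: адреса приведены не полностью и не годятся для точного сопоставления. Среди узлов есть общеизвестные легитимные сайты (www.microsoft.com, www.google.com, www.verisign.com), поэтому сетевые обращения сами по себе — слабый индикатор; наиболее специфичный признак на странице — тихая регистрация %WINDIR%\iDonate.dll через regsvr32.exe /s.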
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\iDonate.dll
- [<HKCU>\Software\Microsoft\MessengerService]
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trillian]
- %WINDIR%\iDonate.dll
- 'www.ch####aily.com.cn':80
- '21#.#39.41.99':80
- '20#.#6.244.188':80
- 'www.ya###.com.cn':80
- 'www.or#.at':80
- '67.##5.160.76':80
- 'www.ak##ai.com':80
- '20#.#6.245.156':80
- '64.#.241.34':443
- '64.#.241.35':80
- '64.#.241.35':443
- '64.#.241.34':80
- '20#.#6.249.221':80
- '20#.#71.182.16':80
- '20#.#71.182.16':443
- 'www.1-####flowers.com':443
- '74.##5.232.51':443
- 'st###.apple.com':443
- 'www.pa##al.com':443
- 'www.verisign.com':443
- 'www.am##on.com':443
- 'www.ns#.com':443
- 'www.ca###hops.com':443
- 'www.am##on.com':80
- '20#.#6.232.182':80
- 'www.an###lle.org':80
- '74.##5.232.51':80
- '20#.#6.232.182':443
- 'www.th##te.com':443
- 'www.ho##ter.com':80
- DNS ASK www.an###lle.org
- DNS ASK www.or#.at
- DNS ASK www.th##te.com
- DNS ASK www.ho##ter.com
- DNS ASK www.ya###.com.cn
- DNS ASK www.ch####aily.com.cn
- DNS ASK www.ya##o.com
- DNS ASK www.ak##ai.com
- DNS ASK www.microsoft.com
- DNS ASK www.ns#.com
- DNS ASK www.pa##al.com
- DNS ASK www.verisign.com
- DNS ASK www.am##on.com
- DNS ASK st###.apple.com
- DNS ASK www.ca###hops.com
- DNS ASK www.1-####flowers.com
- DNS ASK www.google.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''