Technical Information
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '%ProgramFiles%\SolitireSpider\activate.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '%ProgramFiles%\SolitireSpider\activate.exe'
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\15.tmp
- %TEMP%\$inst\temp_0.tmp
- %ProgramFiles%\SolitireSpider\activate.exe
- %ProgramFiles%\SolitireSpider\Install.bat
- %ProgramFiles%\SolitireSpider\Spider.exe
- %ProgramFiles%\SolitireSpider\Uninstall.exe
- %HOMEPATH%\Desktop\Spider.lnk
- %ProgramFiles%\SolitireSpider\Uninstall.ini
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\15.tmp
- 'localhost':1038
- 'ga######all.yolasite.com':80
- http://ga######all.yolasite.com/
- DNS ASK ga######all.yolasite.com
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""%ProgramFiles%\SolitireSpider\Install.bat" "
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' "http://ga######all.yolasite.com/"
- '<SYSTEM32>\shutdown.exe' -r -f -t 40 -c "Software installation done"