Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Spyware Stormer' = '%PROGRAM_FILES%\Spyware Stormer\SpywareStormer.Exe'
- %PROGRAM_FILES%\Spyware Stormer\SpywareStormer.exe
- %PROGRAM_FILES%\Spyware Stormer\Settings\PrevHandle.stg
- %PROGRAM_FILES%\Spyware Stormer\Settings\ScanInfo.stg
- %HOMEPATH%\Start Menu\Programs\Spyware Stormer\Uninstall.lnk
- %PROGRAM_FILES%\Spyware Stormer\uninst.exe
- %PROGRAM_FILES%\Spyware Stormer\Settings\Settings.stg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\r[1].01
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\r[1].01
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\r[2].01
- %PROGRAM_FILES%\Spyware Stormer\Settings\CustomScan.stg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\r[1].01
- %HOMEPATH%\Start Menu\Programs\Spyware Stormer\Spyware Stormer.lnk
- %HOMEPATH%\Desktop\Spyware Stormer.lnk
- %PROGRAM_FILES%\Spyware Stormer\SpywareStormer.exe
- %TEMP%\nsk2.tmp
- %PROGRAM_FILES%\Spyware Stormer\DataBase.ref
- <SYSTEM32>\comdlg32.ocx
- %PROGRAM_FILES%\Spyware Stormer\Spyware Stormer.url
- %HOMEPATH%\Start Menu\Programs\Spyware Stormer\Website.lnk
- <SYSTEM32>\msinet.ocx
- <SYSTEM32>\mscomct2.ocx
- <SYSTEM32>\mscomctl.ocx
- 'r.####lemedia.com':80
- 'localhost':1036
- r.####lemedia.com/r?u=###############
- DNS ASK r.####lemedia.com
- ClassName: 'Shell_TrayWnd' WindowName: ''