Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinKey' = '%TEMP%\SearchWin.exe'
- '%TEMP%\SearchWin.exe'
- %TEMP%\Companny
- %TEMP%\SearchWin.exe
- %TEMP%\Crepeat.tl
- 'ca#####nhavizinha.com':80
- ca#####nhavizinha.com/modeloa.php
- DNS ASK ca#####nhavizinha.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'RDO78'