Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DealHelperDown' = '"%WINDIR%\Download.exe"'
- %WINDIR%\Download.exe AffiliateID=435345808
- %WINDIR%\DealHelper.exe
- %WINDIR%\Download.exe
- 'ad#.##alhelper.com':80
- ad#.##alhelper.com/updates/DealHelper.exe
- DNS ASK ad#.##alhelper.com
- ClassName: 'Indicator' WindowName: ''