Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SerchBoxGoogle' = '"%PROGRAM_FILES%\Google\Quick Search Box\SerchBoxGoogle.exe"'
- %TEMP%\1\SerchBoxGoogle.exe
- %TEMP%\1\SerchBoxGoogle.exe
- %TEMP%\aut1.tmp
- %TEMP%\aut1.tmp
- 'www.ra##go.com':80
- '<Private IP address>':53
- www.ra##go.com/command.xml
- www.ra##go.com/line.php
- '<Private IP address>':1037
- '<Private IP address>':1035
- ClassName: '' WindowName: '5F8EDA77-7264-445a-BE4F-9A335765ADBB'