Tech Support Scams, Two For The Price Of One
If you have read the blog post about Tech Support Scammers using the Winlogon Shell registry value, you know the basics about how this one works. We have reported this site to Yola and are awaiting a reply. This sequence of events is programmed in a simple batch file that opens the site and commands the computer to shut down in 5 minutes.
Image courtesy of malwarebytes.com