Техническая информация
- [<HKLM>\SOFTWARE\Classes\mega\shell\open\command] '' = '"<Полный путь к вирусу>" %1'
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- <LS_APPDATA>\MegaDownloader\Config\DownloadList.xml
- <LS_APPDATA>\MegaDownloader\Log\Log_20150115.txt
- <LS_APPDATA>\MegaDownloader\Config\Configuration.xml
- <LS_APPDATA>\MegaDownloader\Language\es-ES.xml
- <LS_APPDATA>\MegaDownloader\Language\en-US.xml
- <LS_APPDATA>\MegaDownloader\Language\hu-HU.xml
- <LS_APPDATA>\MegaDownloader\Language\fr-FR.xml
- <LS_APPDATA>\MegaDownloader\Language\zh-TW.xml
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- 'me#####nloader.co.nf':80
- 'www.me##.co.nz':443
- 'wp#d':80
- me#####nloader.co.nf/version.xml?d=##########
- wp#d/wpad.dat
- DNS ASK me#####nloader.co.nf
- DNS ASK www.me##.co.nz
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''