Technical Information
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'explorer' = '<Full path to file>'
- Windows Task Manager (Taskmgr)
- %WINDIR%\wincustomise.exe
- %WINDIR%\syss.vbs
- 'do######1334.mediafire.com':443
- 'microsoft.com':80
- 'me###fire.com':80
- 'do######1979.mediafire.com':443
- http://www.me###fire.com/download_repair.php?fl##################################################################
- DNS ASK do######1334.mediafire.com
- DNS ASK microsoft.com
- DNS ASK me###fire.com
- DNS ASK do######1979.mediafire.com