Technical Information
- [<HKLM>\Software\Classes\tssfile\shell\open\command] '' = '<Full path to file> "%1"'
- [<HKLM>\Software\Classes\tssfile\shell\open\command] '' = '<Current directory>\MiniClient zMega.com.exe "%1"'
- %HOMEPATH%\miniclient zmega.com.exe
- <Current directory>\miniclient zmega.com.ini
- %HOMEPATH%\installer_bot.cmd
- nul
- %HOMEPATH%\installer_bot.cmd
- from %HOMEPATH%\miniclient zmega.com.exe to <Current directory>\miniclient zmega.com.exe
- http://fi###.zmega.com/_files/options.xml?20########
- http://fi###.zmega.com/_files/MiniClient zMega.com.exe?20########
- DNS ASK fi###.zmega.com
- ClassName: 'OSKMainClass' WindowName: ''
- '<Current directory>\miniclient zmega.com.exe'
- '%WINDIR%\syswow64\cmd.exe' /c %HOMEPATH%\Installer_bot.cmd' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %HOMEPATH%\Installer_bot.cmd
- '%WINDIR%\syswow64\timeout.exe' /t 2 /nobreak
- '%WINDIR%\syswow64\timeout.exe' /t 1 /nobreak