Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Klog2.0' = '%HOMEPATH%\AppData\Roaming\Klog2.0\Klog2.0.exe'
- %HOMEPATH%\AppData\Roaming\Klog2.0\Log2.0.txt
- %HOMEPATH%\AppData\Roaming\Klog2.0\Auto2.0.bat
- %HOMEPATH%\AppData\Roaming\Klog2.0\Klog2.0.exe
- '<SYSTEM32>\reg.exe' add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Klog2.0" /t REG_SZ /d "%HOMEPATH%\AppData\Roaming\Klog2.0\Klog2.0.exe" /f
- '<SYSTEM32>\cmd.exe' /c %HOMEPATH%\AppData\Roaming\Klog2.0\Auto2.0.bat