Техническая информация
- %WINDIR%\regedit.exe /s klnet.reg
- <SYSTEM32>\cscript.exe run.vbs
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\run.bat" "
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2301' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1809' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2200' = '00000000'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'CheckExeSignatures' = 'no'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2101' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1200' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1001' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2201' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1208' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '2000' = '00000000'
- %TEMP%\1.tmp\klnet.reg
- %TEMP%\1.tmp\run.vbs
- %TEMP%\1.tmp\run.bat
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''