Technical Information
- [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = '%CommonProgramFiles(x86)%\System\klass.exe'
- [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%CommonProgramFiles(x86)%\System\klass.exe' = '%CommonProgramFiles(x...
- klass.exe
- %CommonProgramFiles(x86)%\system\klass.exe
- %CommonProgramFiles(x86)%\system\klass.exe
- DNS ASK en##.zapto.org
- '%CommonProgramFiles(x86)%\system\klass.exe'
- '%CommonProgramFiles(x86)%\system\klass.exe' ' (with hidden window)