Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Networks' = 'C:\ProgramData\MSNetwork\Networks.vbs /autorun'
- C:\ProgramData\MSNetwork\Networks.vbs
- %TEMP%\$inst\0001.tmp
- <Текущая директория>\Ki3pjZ4w.bat
- C:\ProgramData\MSNetwork\Rs0ZK.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- C:\ProgramData\MSNetwork\N15A3x64P11.7z
- C:\ProgramData\MSNetwork\MoSX0xH.bat
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\0001.tmp
- %TEMP%\$inst\temp_0.tmp
- '<SYSTEM32>\reg.exe' delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mod64A3P11 15.0.0.3" /f
- '<SYSTEM32>\reg.exe' delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mod64A3P11 15.0.0.3" /f
- '<SYSTEM32>\cmd.exe' /c ""<Текущая директория>\Ki3pjZ4w.bat" "