Техническая информация
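- '<SYSTEM32>\net.exe' stop "Security Center"
- '<SYSTEM32>\net.exe' stop SharedAccess
  (Примечание: эти команды останавливают службу «Центр обеспечения безопасности» и службу SharedAccess — общий доступ к подключению Интернета, а в Windows XP также брандмауэр Windows. net.exe передаёт выполнение net1.exe, поэтому те же аргументы повторяются ниже для net1.exe; правила обнаружения должны учитывать оба имени процесса.)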
- %TEMP%\Spam Bot.exe
- %TEMP%\Google_Chrome_BlackWista_Installr.exe
- %TEMP%\1.tmp\2.bat
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%TEMP%\Spam Bot.exe'
- '%TEMP%\Google_Chrome_BlackWista_Installr.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\2.bat" "%TEMP%\Google_Chrome_BlackWista_Installr.exe""
- '<SYSTEM32>\net1.exe' stop "Security Center"
- '<SYSTEM32>\net1.exe' stop SharedAccess
- '%WINDIR%\regedit.exe' /S "%nulnulnulnulnul%.\kill.reg"
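- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1/f
  (Примечание: значение DisableRegistryTools = 1 в этой ветке политик запрещает текущему пользователю запуск редактора реестра. Если оно появилось не через групповую политику, узел следует проверить. Командная строка, включая запись «1/f» без пробела, приведена в том виде, в каком она указана в отчёте; при поиске по журналам запуска процессов её следует сопоставлять дословно.)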