Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'load' = '%APPDATA%\temp\svshost.com'
- '<SYSTEM32>\schtasks.exe' /create /tn GoogleUpdateTaskUserS-17769-185731846-2809907627-500Core /tr %APPDATA%\temp\svshost.com /sc minute /f
- %APPDATA%\temp\desktop.ini
- %APPDATA%\test.txt
- %APPDATA%\temp\svshost.com
- 'av##adra.ru':80
- DNS ASK av##adra.ru