Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\bxrfffv] 'Start' = '00000001'
- '<SYSTEM32>\netsh.exe' firewall set allowedprogram \??\<SYSTEM32>\winlogon.exe ENABLE
- <SYSTEM32>\spoolsv.exe
- ClassName: '____AVP.Root' WindowName: '(null)'
- <DRIVERS>\bxrfffv.sys
- %TEMP%\sys3148.tmp
- %TEMP%\espC9D0.tmp
- %TEMP%\sys3148.tmp
- %TEMP%\espC9D0.tmp