Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\hjgruitoehrirx] 'start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\oqptusppfjxyexnn] 'start' = '00000001'
- <SYSTEM32>\spoolsv.exe
- <DRIVERS>\oqptusppfjxyexnn.sys
- <DRIVERS>\hjgruidomyqxwn.sys
- %TEMP%\tsexnmxtbd.tmp
- %TEMP%\mexnedxrxv.tmp
- %TEMP%\mexnedxrxv.tmp