Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Randw] 'ImagePath' = '%TEMP%\Randw'
- [<HKLM>\System\CurrentControlSet\Services\FPbiBB34bAwZBBy79] 'ImagePath' = '%WINDIR%\SysWOW64\FPbiBB34bAwZBBy79.sys'
- 'Randw' %TEMP%\Randw
- 'FPbiBB34bAwZBBy79' %WINDIR%\SysWOW64\FPbiBB34bAwZBBy79.sys
- %TEMP%\randw
- %WINDIR%\syswow64\fpbibb34bawzbby79.sys
- %WINDIR%\temp\uddd000.tmp
- %TEMP%\randw
- %WINDIR%\syswow64\fpbibb34bawzbby79.sys
- %WINDIR%\syswow64\fpbibb34bawzbby79.sys
- %WINDIR%\temp\uddd000.tmp