Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\NPF] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\NPF] 'ImagePath' = '<DRIVERS>\npf.sys'
- [<HKLM>\System\CurrentControlSet\Services\WinInsideSvc] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\WinInsideSvc] 'ImagePath' = '<SYSTEM32>\winisvc.exe'
- %TEMP%\initiosx
- %WINDIR%\syswow64\taskshell.exe
- <SYSTEM32>\packet.dll
- <SYSTEM32>\wpcap.dll
- <DRIVERS>\npf.sys
- <SYSTEM32>\winisvc.exe
- %WINDIR%\temp\uddb71b.tmp
- %WINDIR%\temp\uddb71b.tmp
- '%TEMP%\initiosx'