Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Remote Procedure Call Host] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\npf] 'Start' = '00000002'
- '<SYSTEM32>\rpchost.exe'
- <SYSTEM32>\Packet.dll
- <SYSTEM32>\wpcap.dll
- <SYSTEM32>\rpchost.exe
- <DRIVERS>\npf.sys
- 'localhost':7250