Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Inithookpg] 'ImagePath' = '<Current directory>\Inithookpg.sys'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SSPRO] 'ImagePath' = '<Current directory>\Inithook.sys'
- [<HKLM>\System\CurrentControlSet\Services\Inithooky] 'ImagePath' = '<Current directory>\Inithooky.sys'
- [<HKLM>\System\CurrentControlSet\Services\MiHideDriver] 'ImagePath' = '<Current directory>\MiHideDriver.sys'
- 'Inithookpg' <Current directory>\Inithookpg.sys
- 'SSPRO' <Current directory>\Inithook.sys
- 'Inithooky' <Current directory>\Inithooky.sys
- 'MiHideDriver' <Current directory>\MiHideDriver.sys
- <Current directory>\inithookpg.sys
- %WINDIR%\temp\uddf90e.tmp
- <Current directory>\mihidedriver.sys
- <Current directory>\inithooky.sys
- <Current directory>\inithook.sys
- %WINDIR%\temp\udd781.tmp
- %WINDIR%\temp\udd770.tmp
- %WINDIR%\temp\udd791.tmp
- <Current directory>\inithookpg.sys
- <Current directory>\mihidedriver.sys
- <Current directory>\inithooky.sys
- <Current directory>\inithook.sys
- %WINDIR%\temp\uddf90e.tmp
- <Current directory>\inithookpg.sys
- %WINDIR%\temp\udd781.tmp
- %WINDIR%\temp\udd770.tmp
- %WINDIR%\temp\udd791.tmp
- <Current directory>\inithooky.sys
- <Current directory>\inithook.sys
- 'we###er.gov.hk':80
- http://www.we###er.gov.hk/cgi-bin/hko/ntime.pl
- DNS ASK we###er.gov.hk