Technical Information
- [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'R' = '"<Full path to file>"'
- [HKLM\System\CurrentControlSet\Services\msdirect] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\msdirect] 'ImagePath' = '<Current directory>\msdirect.sys'
- 'msdirect' <Current directory>\msdirect.sys
- <Current directory>\msdirect.sys
- %WINDIR%\temp\uddf594.tmp
- %WINDIR%\temp\uddf594.tmp