Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\41321] 'Logon' = 'o'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\41321] 'DllName' = '41321.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AudioMixer' = 'rundll32.exe <SYSTEM32>\41321.dll,s'
- <SYSTEM32>\rundll32.exe "%TEMP%\\4118467.dll,i"
- <SYSTEM32>\41321.dll
- %TEMP%\4118467.dll