Technical Information
- [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,systems.exe,\msrmins.exe'
- [HKLM\SYSTEM\CurrentControlSet\Services\lyl] 'Start' = '00000002'
- [HKLM\SYSTEM\CurrentControlSet\Services\lyl] 'ImagePath' = 'system32\drivers\nhwdmxt.sys'
- C:\desktop.ini
- C:\desktop.ini