Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AudioDriver' = '%HOMEPATH%\AppData\Roaming\Sysfiles\ha5hvlt.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\AudioDriver.url
- %TEMP%\ha5hvlt.exe
- %TEMP%\WinLogon.exe
- %HOMEPATH%\AppData\Roaming\Sysfiles\AudioDriver.exe
- \\Device\\HarddiskVolume1\\Documents and Settings\\%USERNAME%\\Local Settings\\Temp\\88E6680F\\\u0414\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438\\screen.jpg
- %TEMP%\dw.log
- %TEMP%\27DF0.dmp
- %TEMP%\ha5hvlt.exe в %HOMEPATH%\AppData\Roaming\Sysfiles\ha5hvlt.exe
- '%TEMP%\ha5hvlt.exe'
- '%TEMP%\WinLogon.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 920