Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'DYISOH' = '<LS_APPDATA>\DYISOH\DYISOHW.vbs'
- %WINDIR%\syswow64\regsvr32.exe
- %APPDATA%\dyisohech.exe
- %APPDATA%\dyisoh.bmp
- %HOMEPATH%\kndex\dyisoh.ocx
- %TEMP%\787d.tmp
- %HOMEPATH%\yahoo\dyisohess.exe
- %HOMEPATH%\kndex\dyisoh.bmp
- <LS_APPDATA>\dyisoh\dyisohv.bat
- <LS_APPDATA>\dyisoh\dyisohw.vbs
- %HOMEPATH%\kndex\dyisoh.ocx
- ClassName: 'EDIT' WindowName: ''
- '%APPDATA%\dyisohech.exe'
- '%WINDIR%\syswow64\regsvr32.exe'