Техническая информация
- [<HKCU>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'TSNYNR' = '<LS_APPDATA>\TSNYNR\TSNYNRW.vbs'
- %WINDIR%\syswow64\regsvr32.exe
- %APPDATA%\linkinsee.exe
- %APPDATA%\linkin.bmp
- %HOMEPATH%\kndex\linkin.ocx
- %HOMEPATH%\yahoo\tsnynress.exe
- %HOMEPATH%\kndex\tsnynr.bmp
- <LS_APPDATA>\tsnynr\tsnynrv.bat
- <LS_APPDATA>\tsnynr\tsnynrw.vbs
- %HOMEPATH%\kndex\linkin.ocx
- DNS ASK gr#####heart.ddns.net
- ClassName: 'EDIT' WindowName: ''
- '%APPDATA%\linkinsee.exe'
- '%WINDIR%\syswow64\regsvr32.exe'