Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Winkph] 'Start' = '00000002'
- <SYSTEM32>\Winkph.exe
- AVPM.EXE
- NAVAPW32.EXE
- nod32.exe
- AVGCTRL.EXE
- AVP32.EXE
- AVPCC.EXE
- %WINDIR%\Temp\Ehu7.exe
- %WINDIR%\Temp\Np6.exe
- %WINDIR%\Temp\Vsa5.exe
- %WINDIR%\Temp\Xjg8.exe
- %WINDIR%\Temp\HuaA.exe
- %WINDIR%\Temp\Nib9.exe
- %PROGRAM_FILES%\Messenger\msmsgs.ypt
- <SYSTEM32>\Winktfy.exe
- <SYSTEM32>\Winkph.exe
- %WINDIR%\Temp\Tg1.exe
- %WINDIR%\Temp\Edt4.exe
- %WINDIR%\Temp\Zyc3.exe
- %WINDIR%\Temp\Kqv2.exe
- %PROGRAM_FILES%\Messenger\msmsgs.ypt
- <SYSTEM32>\Winktfy.exe
- <SYSTEM32>\Winkph.exe
- %WINDIR%\Temp\Xjg8.exe
- %WINDIR%\Temp\Ehu7.exe
- %WINDIR%\Temp\HuaA.exe
- %WINDIR%\Temp\Nib9.exe
- %WINDIR%\Temp\Np6.exe
- %WINDIR%\Temp\Zyc3.exe
- %WINDIR%\Temp\Tg1.exe
- %WINDIR%\Temp\Vsa5.exe
- %WINDIR%\Temp\Edt4.exe