Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'avgmsgr' = '%WINDIR%\avgmsgr.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\avgmsgr.exe
- [<HKCU>\Software\Microsoft\MessengerService]
- %WINDIR%\KB08549SP.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\visitantes[1].txt
- %WINDIR%\KB08551SP.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\atualizacao[1].txt
- %WINDIR%\jblog.ini
- %WINDIR%\system\avgmsgr.exe
- %WINDIR%\avgmsgr.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\contador[1].txt
- <SYSTEM32>\avgmsgr.exe
- 'ge#####es.yahoo.com.br':80
- 'localhost':1036
- ge#####es.yahoo.com.br/sinistrao2008/atualizacao.txt
- ge#####es.yahoo.com.br/sinistrao2008/visitantes.txt
- ge#####es.yahoo.com.br/sinistrao2008/contador.txt
- DNS ASK ge#####es.yahoo.com.br
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'