Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'wextract_cleanup0' = 'rundll32.exe <SYSTEM32>\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"'
- '%TEMP%\IXP000.TMP\MessengerReviver.exe'
- '%TEMP%\MessengerReviver.exe'
- '%PROGRAM_FILES%\Jonathan Kay\Messenger Reviver 2\MessengerReviver-2-2-2.exe'
- '%PROGRAM_FILES%\Jonathan Kay\Messenger Reviver 2\MSNUpdate.exe'
- %TEMP%\IXP000.TMP\MessengerReviver.exe
- %PROGRAM_FILES%\Jonathan Kay\Messenger Reviver 2\Uninstall.ini
- %TEMP%\dw.log
- %TEMP%\408C6.dmp
- %TEMP%\MessengerReviver.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\Jonathan Kay\Messenger Reviver 2\MessengerReviver-2-2-2.exe
- %PROGRAM_FILES%\Jonathan Kay\Messenger Reviver 2\Uninstall.exe
- %PROGRAM_FILES%\Jonathan Kay\Messenger Reviver 2\MSNUpdate.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'me######r.jonathankay.com':80
- 'wp#d':80
- me######r.jonathankay.com/msgrlinkreviver/version.aspx?ve#########
- wp#d/wpad.dat
- DNS ASK me######r.jonathankay.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'