Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\twqpisrv] 'Start' = '00000002'
- скрытых файлов
- расширений файлов
- '%PROGRAM_FILES%\WinRAR\Formats\twqpisrv.exe'
- '%PROGRAM_FILES%\baidu\Toolbar\208817.exe'
- '%PROGRAM_FILES%\Tencent\qq\QQUpdate.exe'
- '%WINDIR%\explorer.exe' 39251
- %WINDIR%\explorer.exe
- %HOMEPATH%\Favorites\ОТµДhao123НшЦ·Ц®јТ-КµУГНшЦ·,ЛСЛчґуИ«,ѕЎФЪОТµДєГ123 www.5hao123.comЕ¬Б¦ЧцµЅёьєГµДЙПНшµјєЅ.url
- %HOMEPATH%\Favorites\Йъ»о121Нш-ГАєГЙъ»оєГ°йВВ.url
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer .lnk
- C:\temp.dat
- %TEMP%\00681578.tmp
- %HOMEPATH%\Favorites\Food365МмМмГАКіІЛЖЧНш.url
- %PROGRAM_FILES%\Tencent\qq\EThread.fne
- %PROGRAM_FILES%\baidu\Toolbar\208817.exe
- %PROGRAM_FILES%\Tencent\qq\krnln.fnr
- %HOMEPATH%\Favorites\QQ·ЗЦчБчАЦФ°(їХјдґъВл_ёцРФЗ©Гы_Н·Пс_НјЖ¬).url
- %PROGRAM_FILES%\Tencent\qq\QQUpdate.exe
- %PROGRAM_FILES%\WinRAR\Formats\twqpisrv.exe
- %PROGRAM_FILES%\baidu\Toolbar\208817.exe
- %TEMP%\00681578.tmp в %PROGRAM_FILES%\WinRAR\Formats\twqpisrv.exe
- '39###.rhelper.com':2088
- DNS ASK 39###.rhelper.com
- ClassName: '' WindowName: '????????????'
- ClassName: '' WindowName: '???????? ????'
- ClassName: '' WindowName: '????????????????'
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''