Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\IM DDOS] 'Start' = '00000002'
- '<SYSTEM32>\dqvhqi.exe' -p 3228 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3296 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3756 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 2656 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 2472 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -d %TEMP%\WERf27b.dir00\manifest.txt
- '<SYSTEM32>\dqvhqi.exe' -p 3792 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3964 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3848 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3568 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe'
- '<SYSTEM32>\dqvhqi.exe' -p 3412 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3664 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3732 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3612 -e 76 -g
- '<SYSTEM32>\dqvhqi.exe' -p 3652 -e 76 -g
- <SYSTEM32>\drwtsn32.exe
- <SYSTEM32>\drwtsn32.exe
- %TEMP%\WERf27b.dir00\dqvhqi.exe.hdmp
- %TEMP%\WERf27b.dir00\appcompat.txt
- %TEMP%\WERf27b.dir00\manifest.txt
- <SYSTEM32>\dqvhqi.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\Dr Watson\user.dmp
- %TEMP%\WERf27b.dir00\dqvhqi.exe.mdmp
- <SYSTEM32>\wbem\Logs\wbemess.lo_
- 'localhost':2323
- ClassName: 'Shell_TrayWnd' WindowName: ''