Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\mDNSResponder.exe'
- '%WINDIR%\mDNSResponder.exe'
- '%PROGRAM_FILES%\8888.exe'
- %WINDIR%\mDNSResponder.exe
- C:\MyTemp
- %PROGRAM_FILES%\8888.exe
- %PROGRAM_FILES%\Usp10.dll
- %PROGRAM_FILES%\8888.exe
- C:\MyTemp
- 'any':80
- DNS ASK m7##.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'