Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'CSRSS' = '%HOMEPATH%\Favorites\wininit.exe'
- '%HOMEPATH%\Favorites\wininit.exe'
- %HOMEPATH%\Favorites\wininit.exe
- %HOMEPATH%\Favorites\wininit.exe
- 're##low.ru':80
- 'he####obile.info':80
- re##low.ru/scripts/login.txt
- re##low.ru/scripts/pass.txt
- re##low.ru/scripts/config.txt
- re##low.ru/scripts/urls.php
- he####obile.info/scripts/login.txt
- he####obile.info/scripts/pass.txt
- he####obile.info/scripts/config.txt
- he####obile.info/scripts/urls.php
- DNS ASK re##low.ru
- DNS ASK he####obile.info
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''