Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Btmchk' = '{29C0922C-85CA-45B4-AD39-158774B25D66}'
- %WINDIR%\Explorer.EXE
- %CommonProgramFiles%\winafx.log
- 'ea##cvc.com':80
- ea##cvc.com/form/xgate.php
- DNS ASK ea##cvc.com