Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'eqvwamkl' = '{CC81B031-7C1E-4CC2-8ED6-B78BBB5FCB3C}'
- %TEMP%\desktop_background.zip
- 'on####pro2008.com':80
- on####pro2008.com/dw.php?si####################
- DNS ASK on####pro2008.com