Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'mgxfebsq' = '{36FB12CD-F4AC-4493-A330-1DA646F36A58}'
- %TEMP%\desktop_background.zip
- 'on####pro-2008.com':80
- on####pro-2008.com/dw.php?si####################
- DNS ASK on####pro-2008.com