Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'axrfgvek' = '{134213DB-F550-4A5E-8BCC-5142B2F52B73}'
- %TEMP%\desktop_background.zip
- 'on####pro2008.com':80
- on####pro2008.com/dw.php?si####################
- DNS ASK on####pro2008.com