Техническая информация
- '<SYSTEM32>\regsvr32.exe' -s %TEMP%\\wmv.dll
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{A9F81D8B-04F9-4054-AEE5-F75DD71F0992}']
- [<HKLM>\SOFTWARE\Classes\CLSID\{A9F81D8B-04F9-4054-AEE5-F75DD71F0992}\InprocServer32] '' = '%TEMP%\\wmv.dll'
- %TEMP%\wmv.dll
- 'www.ho###-ama.de':80
- http://www.ho###-ama.de/up2.gif
- DNS ASK www.ho###-ama.de