Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Media SP.2.37' = '<SYSTEM32>\syserw.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Media SP.315' = '<SYSTEM32>\sprite.exe'
- %WINDIR%\Temp\syserw.exe
- <SYSTEM32>\syserw.exe
- %WINDIR%\Temp\sprite.exe
- <SYSTEM32>\sprite.exe
- GUARD.EXE
- <SYSTEM32>\sprite.dll
- <SYSTEM32>\syserw.exe
- <SYSTEM32>\syserw.dll
- %WINDIR%\Temp\sprite.exe
- %WINDIR%\Temp\syserw.exe
- <SYSTEM32>\sprite.exe
- %WINDIR%\Temp\syserw.exe
- %WINDIR%\Temp\sprite.exe