Техническая информация
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Native\STUBEXE\8.0.1112\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\vbc.exe /stext "%TEMP%\log3.txt"
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Native\STUBEXE\8.0.1112\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\vbc.exe /stext "%TEMP%\log4.txt"
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Native\STUBEXE\8.0.1112\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\vbc.exe /stext "%TEMP%\log4.txt" /stext "%TEMP%\log4.txt"
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Native\STUBEXE\8.0.1112\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\vbc.exe /stext "%TEMP%\log2.txt"
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Virtual\STUBEXE\8.0.1112\@APPDIR@\FUD autoclick1.exe
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Native\STUBEXE\8.0.1112\@WINDIR@\Microsoft.NET\Framework\v2.0.50727\vbc.exe /stext "%TEMP%\log.txt"
- <LS_APPDATA>\Xenocode\Sandbox\gPgyekGjdmflrmsAYJ\1.1.1.4\2012.05.19T15.31\Native\STUBEXE\8.0.1112\@SYSTEM@\ntvdm.exe -f -i1
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\scs2.tmp
- %TEMP%\AutoClick.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'sm##.gmail.com':587
- 'au######on.whatismyip.com':80
- 'wp#d':80
- au######on.whatismyip.com/n09230945.asp
- wp#d/wpad.dat
- DNS ASK sm##.gmail.com
- DNS ASK au######on.whatismyip.com
- DNS ASK wp#d
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-bb4.bb8.390002'