Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Java(TM)Platform SE Auto Updater Safe Mode' = '"%APPDATA%\Java Update\jusched.exe"'
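- [<HKLM>\SYSTEM\ControlSet001\Services\adpchci] 'Start' = '00000000' (значение 0 — запуск драйвера на этапе загрузки системы)
- [<HKLM>\SYSTEM\ControlSet001\Services\AcpiPmie] 'Start' = '00000000' (значение 0 — запуск драйвера на этапе загрузки системы)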
- Средство контроля пользовательских учетных записей (UAC)
- '%TEMP%\Java7u30_update.exe' /s
- '%TEMP%\Java7u30_update.exe' (загружен из сети Интернет)
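- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Associations] 'LowRiskFileTypes' = '.exe' (файлы .exe отнесены к типам низкого риска: при запуске .exe, загруженных из сети Интернет, предупреждение системы безопасности не выводится)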
- <DRIVERS>\AcpiPmie.sys
- <DRIVERS>\adpchci.sys
- %APPDATA%\Java Update\jusched.exe
- %TEMP%\Java7u30_update.exe
- 'ja###l.sun.com':80
- 'se####.sytes.net':46600
- 'bi#.ly':80
- ja###l.sun.com/webapps/download/AutoDL?Bu############
- bi#.ly/1g4pzKV
- DNS ASK ja###l.sun.com
- DNS ASK se####.sytes.net
- DNS ASK bi#.ly
- ClassName: 'TFMain' WindowName: 'Java TM platform update 25'
- ClassName: '(null)' WindowName: 'GSecurity'
- ClassName: 'TApplication' WindowName: 'fClientRemote'
- ClassName: 'TFMain' WindowName: 'Java TM platform update 26'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'TFMain' WindowName: 'Java TM platform update 27'
- ClassName: 'TFMain' WindowName: 'Java TM platform update 24'