Техническая информация
- [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'java Update.bat' = '%ProgramFiles(x86)%\TechlineConnect\jre\lib\java Update.bat'
- %ProgramFiles(x86)%\techlineconnect\fileps
- %ProgramFiles(x86)%\techlineconnect\jre\lib\security\cacerts
- %ProgramFiles(x86)%\techlineconnect\jre\lib\javaopel.exe
- %ProgramFiles(x86)%\techlineconnect\jre\lib\java update.bat
- %ProgramFiles(x86)%\techlineconnect\jre\lib\javaopel.exe
- %ProgramFiles(x86)%\techlineconnect\jre\lib\java update.bat
- 'gm###pin.com':8891
- http://www.gm####in.com:8891/?ro##################### via gm###pin.com
- DNS ASK gm###pin.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\syswow64\cmd.exe' /C "%ProgramFiles(x86)%\TechlineConnect\jre\lib\java Update.bat"' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /C "%ProgramFiles(x86)%\TechlineConnect\jre\lib\java Update.bat"
- '%WINDIR%\syswow64\mshta.exe' vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c C:\PROGRA~2\TECHLI~1\jre\lib\JAVAUP~1.BAT ::","","runas",1)(window.close)
- '%WINDIR%\syswow64\cmd.exe' /c C:\PROGRA~2\TECHLI~1\jre\lib\JAVAUP~1.BAT :