Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'SunJavaUpdateSched' = '%PROGRAMDATA%\svchost.exe'
- %TEMP%\rmvrmt16.exe
- %PROGRAMDATA%\svchost.exe
- 'yp##l.net':8085
- DNS ASK yp##l.net
- '%TEMP%\rmvrmt16.exe'
- '%TEMP%\rmvrmt16.exe' (with hidden window)
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /configure /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<Full path to file>"