Техническая информация
- '<SYSTEM32>\taskkill.exe' /f /im rfusclient.exe
- '<SYSTEM32>\taskkill.exe' /f /im rutserv.exe
- C:\Program\vp8decoder.dll
- C:\Program\rutserv.exe
- C:\Program\vp8encoder.dll
- C:\Program\install.vbs
- C:\Program\regedit.reg
- %ProgramFiles%\Microsoft Games\0.bat
- %ProgramFiles%\Microsoft Games\111.txt
- %ProgramFiles%\Microsoft Games\RMS.exe
- C:\Program\rfusclient.exe
- C:\Program\install.bat
- 'yo##ube.com':443
- 'localhost':1036
- DNS ASK www.yo##ube.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: ''
- '<SYSTEM32>\wscript.exe' "c:\Program\install.vbs"
- '%ProgramFiles%\Microsoft Games\RMS.exe' -p123 -d%ProgramFiles%\0
- '<SYSTEM32>\notepad.exe' %ProgramFiles%\Microsoft Games\111.txt
- '<SYSTEM32>\reg.exe' delete "HKLM\SYSTEM\Remote Manipulator System" /f
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- '<SYSTEM32>\cmd.exe' /c ""%ProgramFiles%\Microsoft Games\0.bat" "
- '<SYSTEM32>\cmd.exe' /c ""c:\Program\install.bat" "