Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\HD-Audio 9.6.8.138.lnk
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- C:\YXzcb54.tmp\aHx.vbs
- %APPDATA%\RUT_settings\Logs\rms_log_2018-03.html
- C:\YXzcb54.tmp\vp8encoder.dll
- C:\YXzcb54.tmp\taskhostqi.exe
- 'ru##ls.com':563
- 'ru##ls.com':5655
- 'ru##ls.com':80
- http://ru##ls.com/utils/inet_id_notify.php?te####
- DNS ASK se####.rutils.com
- DNS ASK ru##ls.com
- ClassName: '' WindowName: 'Windows Security Alert'
- ClassName: '18467-41' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: '' WindowName: 'Оповещение системы безопасности Windows'
- 'C:\YXzcb54.tmp\taskhostqi.exe' -second
- '<SYSTEM32>\wscript.exe' "C:\YXzcb54.tmp\aHx.vbs"
- '<SYSTEM32>\attrib.exe' +h C:\YXzcb54.tmp