Trojan. remote manipulator system
*file
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Manipulator System - Host\Остановить Host.lnk
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Manipulator System - Host\Настройка Host.lnk
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Manipulator System - Host\Запустить Host.lnk
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Manipulator System - Host\Деинсталлировать Remote Manipulator System - Host.lnk
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Manipulator System - Host
c:\log\install.bat
c:\log\log.txt
c:\log\regedit.reg
c:\log\rfusclient.exe
c:\log\rutserv.exe
c:\log\start.vbs
c:\log\vp8decoder.dll
c:\log\vp8encoder.dll
c:\program files\radmin\help.cnt
c:\program files\radmin\help.hlp
c:\program files\radmin\license.txt
c:\program files\radmin\r_server.exe
c:\program files\radmin\raddrv.dll
c:\program files\radmin\radmin.exe
c:\program files\radmin\readme.txt
c:\program files\radmin\uninstal.exe
c:\program files\radmin\uninstal.ini
c:\program files\remote manipulator system - host\printer\x64\fwproc.exe
c:\program files\remote manipulator system - host\printer\x64\install.cmd
c:\program files\remote manipulator system - host\printer\x64\ntprint.inf
c:\program files\remote manipulator system - host\printer\x64\progress.exe
c:\program files\remote manipulator system - host\printer\x64\rms.gpd
c:\program files\remote manipulator system - host\printer\x64\rms.ini
c:\program files\remote manipulator system - host\printer\x64\rms.lng
c:\program files\remote manipulator system - host\printer\x64\rms_s.lng
c:\program files\remote manipulator system - host\printer\x64\rmspm.dll
c:\program files\remote manipulator system - host\printer\x64\rmsui.dll
c:\program files\remote manipulator system - host\printer\x64\rmsui2.exe
c:\program files\remote manipulator system - host\printer\x64\setupdrv.exe
c:\program files\remote manipulator system - host\printer\x64\srvinst_x64.exe
c:\program files\remote manipulator system - host\printer\x64\stdnames_vpd.gpd
c:\program files\remote manipulator system - host\printer\x64\unidrv_rms.dll
c:\program files\remote manipulator system - host\printer\x64\unidrv_rms.hlp
c:\program files\remote manipulator system - host\printer\x64\unidrv_rms.hlp
c:\program files\remote manipulator system - host\printer\x64\uninstall.cmd
c:\program files\remote manipulator system - host\printer\x64\unires_vpd.dll
c:\program files\remote manipulator system - host\printer\x64\vpdagent_x64.exe
c:\program files\remote manipulator system - host\printer\x86\fwproc.exe
c:\program files\remote manipulator system - host\printer\x86\install.cmd
c:\program files\remote manipulator system - host\printer\x86\ntprint.inf
c:\program files\remote manipulator system - host\printer\x86\progress.exe
c:\program files\remote manipulator system - host\printer\x86\rms.gpd
c:\program files\remote manipulator system - host\printer\x86\rms.ini
c:\program files\remote manipulator system - host\printer\x86\rms.lng
c:\program files\remote manipulator system - host\printer\x86\rms_s.lng
c:\program files\remote manipulator system - host\printer\x86\rmspm.dll
c:\program files\remote manipulator system - host\printer\x86\rmsui.dll
c:\program files\remote manipulator system - host\printer\x86\rmsui2.exe
c:\program files\remote manipulator system - host\printer\x86\setupdrv.exe
c:\program files\remote manipulator system - host\printer\x86\srvinst.exe
c:\program files\remote manipulator system - host\printer\x86\stdnames_vpd.gpd
c:\program files\remote manipulator system - host\printer\x86\unidrv_rms.dll
c:\program files\remote manipulator system - host\printer\x86\unidrv_rms.hlp
c:\program files\remote manipulator system - host\printer\x86\unidrv_rms.hlp
c:\program files\remote manipulator system - host\printer\x86\uninstall.cmd
c:\program files\remote manipulator system - host\printer\x86\unires_vpd.dll
c:\program files\remote manipulator system - host\printer\x86\vpdagent.exe
c:\program files\remote manipulator system - host\rfusclient.exe
c:\program files\remote manipulator system - host\ripcserver.dll
c:\program files\remote manipulator system - host\rutserv.exe
c:\program files\remote manipulator system - host\rwln.dll
c:\program files\remote manipulator system - host\vp8decoder.dll
c:\program files\remote manipulator system - host\vp8encoder.dll
c:\program files\remote manipulator system - host\webmmux.dll
c:\program files\remote manipulator system - host\webmvorbisdecoder.dll
c:\program files\remote manipulator system - host\webmvorbisencoder.dll
c:\program files\remote utilities - host\printer\x64\fwproc_x64.exe
c:\program files\remote utilities - host\printer\x64\install.cmd
c:\program files\remote utilities - host\printer\x64\ntprint.inf
c:\program files\remote utilities - host\printer\x64\progress.exe
c:\program files\remote utilities - host\printer\x64\rup.gpd
c:\program files\remote utilities - host\printer\x64\rup.ini
c:\program files\remote utilities - host\printer\x64\rup.lng
c:\program files\remote utilities - host\printer\x64\rup_s.lng
c:\program files\remote utilities - host\printer\x64\ruppm.dll
c:\program files\remote utilities - host\printer\x64\rupui.dll
c:\program files\remote utilities - host\printer\x64\rupui2.exe
c:\program files\remote utilities - host\printer\x64\setupdrv.exe
c:\program files\remote utilities - host\printer\x64\srvinst_x64.exe
c:\program files\remote utilities - host\printer\x64\stdnames_vpd.gpd
c:\program files\remote utilities - host\printer\x64\unidrv_rup.dll
c:\program files\remote utilities - host\printer\x64\unidrv_rup.hlp
c:\program files\remote utilities - host\printer\x64\unidrvui_rup.dll
c:\program files\remote utilities - host\printer\x64\uninstall.cmd
c:\program files\remote utilities - host\printer\x64\unires_vpd.dll
c:\program files\remote utilities - host\printer\x64\vpdagent_x64.exe
c:\program files\remote utilities - host\printer\x86\fwproc.exe
c:\program files\remote utilities - host\printer\x86\install.cmd
c:\program files\remote utilities - host\printer\x86\ntprint.inf
c:\program files\remote utilities - host\printer\x86\progress.exe
c:\program files\remote utilities - host\printer\x86\rup.gpd
c:\program files\assistance futurcom\unins000.exe
c:\program files\assistance futurcom\unins000.dat
*reg_key
HKLM\SOFTWARE\RMSPrinter
HKLM\SOFTWARE\Classes\Installer\Products\13A941B963765914F811F4CD6F8DD41E
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1abe421e8cfc34144AACB9676F71902E
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A013281E9DC1714CA1DA3DE2D061AF5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6364F69515D55F943B4B3F3C669ECD32
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EDC4423414699340B5D245426472701
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45BAE6295648E74689FC47BF4E730EB
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5052F47A02BDEA469F8EAB572D83BA8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\13A941B963765914F811F4CD6F8DD41E
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B149A31-6736-4195-8F11-4FDCF6D84DE1}
HKLM\SYSTEM\Remote Manipulator System
PUP. lyoness Cashback
