Code: p339 Severity: Warning
Description: This event is generated when an attempt is made to find the System directory on a target host with the RUX the Tick Trojan. Impact: If successful, the attacker would gain unauthorized access to the system, to upload and execute file on the target system. The attacker can use this function to upload additional backdoors to the victim's system and execute them. Corrective: Using Windows Task Manager, kill these processes: ruxserver.exe and server.exe. Use Windows Explorer to find ruxserver.exe and delete the file. Keep anti-virus programs updated with the latest definitions.
|
