Trojan.KillFiles.62195

Added to the Dr.Web virus database: 2018-01-14

Virus description added:

Technical Information

To ensure autorun and distribution:
Creates or modifies the following files:
  • %WINDIR%\system.ini
Creates the following files on removable media:
  • <Drive name for removable media>:\FILE1.[maykolin1234@aol.com]
  • <Drive name for removable media>:\README.maykolin1234@aol.com.txt
Malicious functions:
To complicate detection of its presence in the operating system,
deletes volume shadow copies.
Modifies file system:
Creates the following files:
Deletes the following files:
  • %WINDIR%\hh.exe
  • %WINDIR%\netfxocm.log
  • %WINDIR%\msmqinst.log
  • %WINDIR%\msgsocm.log
  • %WINDIR%\ocgen.log
  • %WINDIR%\ntdtcsetup.log
  • %WINDIR%\NOTEPAD.EXE
  • %WINDIR%\imsins.log
  • %WINDIR%\imsins.BAK
  • %WINDIR%\iis6.log
  • %WINDIR%\msdfmap.ini
  • %WINDIR%\MedCtrOC.log
  • %WINDIR%\KB942288-v3.log
  • %WINDIR%\XXInstall\Scripts\LanDisabler.vbs
  • %WINDIR%\XXInstall\Scripts\kill_windows.vbs
  • %WINDIR%\XXInstall\Scripts\kill_saves.vbs
  • %WINDIR%\XXInstall\Scripts\startup_bsod.bat
  • %WINDIR%\XXInstall\Scripts\smart_assembly_fix.reg
  • %WINDIR%\XXInstall\Scripts\prefs.js
  • %WINDIR%\XXInstall\Scripts\CompleteDump.reg
  • %WINDIR%\XXInstall\Scripts\bcode-stop.vbs
  • %WINDIR%\XXInstall\Scripts\bcode-start-stop.vbs
  • %WINDIR%\XXInstall\Scripts\KernelDump.reg
  • %WINDIR%\XXInstall\Scripts\eventmon-startlog.vbs
  • %WINDIR%\XXInstall\Scripts\eventmon-setup.vbs
  • %WINDIR%\XXInstall\Scripts\taskmgr.reg
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\GdiPlus.dll
  • %WINDIR%\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
  • %WINDIR%\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
  • %WINDIR%\XXInstall\Scripts\WindowsKiller.ini
  • %WINDIR%\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
  • %WINDIR%\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
  • %WINDIR%\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
  • %WINDIR%\XXInstall\Scripts\apply_theme.vbs
  • %WINDIR%\winhlp32.exe
  • %WINDIR%\winhelp.exe
  • %WINDIR%\WindowsUpdate.log
  • %WINDIR%\Zapotec.bmp
  • %WINDIR%\WMSysPr9.prx
  • %WINDIR%\wmsetup.log
  • %WINDIR%\updspapi.log
  • %WINDIR%\twunk_32.exe
  • %WINDIR%\twunk_16.exe
  • %WINDIR%\win.ini
  • %WINDIR%\wiadebug.log
  • %WINDIR%\vmmreg32.dll
  • %WINDIR%\_default.pif
  • %WINDIR%\XXInstall\ps.exe
  • %WINDIR%\XXInstall\install_small.bat
  • %WINDIR%\XXInstall\install_ar.bat
  • %WINDIR%\XXInstall\Scripts\antivm.exe
  • %WINDIR%\XXInstall\vminstall.exe
  • %WINDIR%\XXInstall\screen.exe
  • %WINDIR%\XXInstall\events.exe
  • %WINDIR%\XXInstall\devcon.exe
  • %WINDIR%\XXInstall\cmdow.exe
  • %WINDIR%\XXInstall\install.bat
  • %WINDIR%\XXInstall\hashdeep.exe
  • %WINDIR%\XXInstall\exdir.exe
Moves the following system files:
  • from %WINDIR%\XXInstall\Scripts\ipv6_disable.reg to %WINDIR%\XXInstall\Scripts\ipv6_disable.reg.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\ncsi_disable.reg to %WINDIR%\XXInstall\Scripts\ncsi_disable.reg.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\noballon.reg to %WINDIR%\XXInstall\Scripts\noballon.reg.[maykolin1234@aol.com]
  • from %WINDIR%\wiaservc.log to %WINDIR%\wiaservc.log.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\antivm.bat to %WINDIR%\XXInstall\Scripts\antivm.bat.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\bcode-start.vbs to %WINDIR%\XXInstall\Scripts\bcode-start.vbs.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\reboot_on_bsod.reg to %WINDIR%\XXInstall\Scripts\reboot_on_bsod.reg.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\safely.reg to %WINDIR%\XXInstall\Scripts\safely.reg.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\startup_ar.bat to %WINDIR%\XXInstall\Scripts\startup_ar.bat.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\norun.reg to %WINDIR%\XXInstall\Scripts\norun.reg.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\not_collect_offline.reg to %WINDIR%\XXInstall\Scripts\not_collect_offline.reg.[maykolin1234@aol.com]
  • from %WINDIR%\XXInstall\Scripts\perf.reg to %WINDIR%\XXInstall\Scripts\perf.reg.[maykolin1234@aol.com]
  • from %WINDIR%\desktop.ini to %WINDIR%\desktop.ini.[maykolin1234@aol.com]
  • from %WINDIR%\DtcInstall.log to %WINDIR%\DtcInstall.log.[maykolin1234@aol.com]
  • from %WINDIR%\explorer.scf to %WINDIR%\explorer.scf.[maykolin1234@aol.com]
  • from %WINDIR%\0.log to %WINDIR%\0.log.[maykolin1234@aol.com]
  • from %WINDIR%\cmsetacl.log to %WINDIR%\cmsetacl.log.[maykolin1234@aol.com]
  • from %WINDIR%\control.ini to %WINDIR%\control.ini.[maykolin1234@aol.com]
  • from %WINDIR%\system.ini to %WINDIR%\system.ini.[maykolin1234@aol.com]
  • from %WINDIR%\vb.ini to %WINDIR%\vb.ini.[maykolin1234@aol.com]
  • from %WINDIR%\vbaddin.ini to %WINDIR%\vbaddin.ini.[maykolin1234@aol.com]
  • from %WINDIR%\nsreg.dat to %WINDIR%\nsreg.dat.[maykolin1234@aol.com]
  • from %WINDIR%\setuperr.log to %WINDIR%\setuperr.log.[maykolin1234@aol.com]
  • from %WINDIR%\Sti_Trace.log to %WINDIR%\Sti_Trace.log.[maykolin1234@aol.com]
Substitutes the following files:
  • <SYSTEM32>\dllcache\twunk_32.exe.new
  • <SYSTEM32>\dllcache\twunk_16.exe.new
  • <SYSTEM32>\dllcache\twain_32.dll.new
  • <SYSTEM32>\dllcache\winhlp32.exe.new
  • <SYSTEM32>\dllcache\winhelp.exe.new
  • <SYSTEM32>\dllcache\vmmreg32.dll.new
  • <SYSTEM32>\dllcache\notepad.exe.new
  • <SYSTEM32>\dllcache\hh.exe.new
  • C:\temp0.tmp
  • <SYSTEM32>\dllcache\twain.dll.new
  • <SYSTEM32>\dllcache\taskman.exe.new
  • <SYSTEM32>\dllcache\regedit.exe.new
Miscellaneous:
Executes the following:
  • '<SYSTEM32>\cmd.exe' /c vssadmin Delete Shadows /All /Quiet

Curing recommendations

  1. If the operating system can be started (in normal mode or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of all the removable media you use. Learn more about Dr.Web Security Space.
  2. If the operating system cannot be started, change your computer's BIOS settings to boot from a CD/DVD or a USB drive. Download the image of the Dr.Web® LiveDisk system recovery disk or the utility for writing Dr.Web® LiveDisk to a USB drive, then prepare the appropriate USB drive. Boot the computer from this drive, run a full scan, and cure the detected threats.

Run a full system scan using Dr.Web Antivirus for Mac OS.

Run a full scan of all disk partitions using Dr.Web Antivirus for Linux.

  1. If your mobile device is working correctly, download and install Dr.Web for Android on it. Run a full scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device is locked by a Trojan of the Android.Locker family (a message about a serious violation of the law or a ransom demand is displayed on the device's screen), proceed as follows:
    • start your smartphone or tablet in safe mode (if you do not know how, consult the mobile device's documentation or contact the manufacturer);
    • then download and install Dr.Web for Android on your mobile device, run a full scan, and follow the recommendations for neutralizing the detected threats;
    • unplug your device and plug it back in.

Learn more about Dr.Web for Android