Pour les utilisateurs

Fermer

Bibliothèque
Ma bibliothèque

+ Ajouter à la bibliothèque

Recherche
Recherche

Contacter-nous !
Support 24/24 | Rules regarding submitting

Envoyer un message

Requête à l'aide du formulaire

Nous téléphoner

0 825 300 230

Forum

Vos requêtes

  • Toutes : -
  • Non clôturées : -
  • Dernière : le -
Créer une nouvelle requête

Nous téléphoner

0 825 300 230

Profil

FR

RU CN DE EN ES FR IT JP KZ UZ PL BY
Fermer
Services support
Scanners
Dr.Web vxCube
Démo
Bibliothèque virale
Base documentaire

TECHNOLOGIES

TERMINOLOGIE

COURS ET EDU

MYTHES

Actualités

Trojan.Encoder.31670

Added to the Dr.Web virus database: 2020-04-27

Virus description added:

Technical Information

Modifies file system
Creates the following files
  • C:\users\all users\adobe\arm\reader_15.007.20033\readerdcmanifest.msi
  • C:\users\all users\microsoft\windows\start menu\programs\maintenance\remote assistance.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\maintenance\create recovery disc.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\maintenance\backup and restore center.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\uninstall\uninstall k-lite codec pack.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\tools\win7dsfiltertweaker.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\tools\mediainfo.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\tools\haali muxer.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\lav splitter (x64).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\tools\graphstudionext.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\help\frequently asked questions.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\xvid vfw.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\x264 vfw (x86).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\x264 vfw (x64).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\reset to recommended settings.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\lav video.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\lav video (x64).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\tools\graphstudionext (x64).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\lav splitter.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft .net framework sdk v1.1\documentation.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft publisher 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\mirc\ircintro help.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft office 2010 tools\microsoft office picture manager.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft office 2010 tools\microsoft office 2010 upload center.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft office 2010 tools\microsoft office 2010 language preferences.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft office 2010 tools\microsoft clip organizer.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft office 2010 tools\digital certificate for vba projects.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft word 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft .net framework sdk v1.1\tools.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft .net framework sdk v1.1\overview.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft powerpoint 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft outlook 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft onenote 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft infopath filler 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft infopath designer 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft excel 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft access 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\microsoft office\microsoft sharepoint workspace 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\lav audio.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\ffdshow vfw interface.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\mirc\mirc.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\windows powershell\windows powershell.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\memory diagnostics tool.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\iscsi initiator.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\event viewer.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\data sources (odbc).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\computer management.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\component services.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\print management.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\performance monitor.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\microsoft .net framework 1.1 configuration.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\windows powershell\windows powershell (x86).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\tablet pc\windows journal.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\tablet pc\tabtip.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\tablet pc\shapecollector.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\windows easy transfer.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\windows easy transfer reports.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\windows powershell\windows powershell ise (x86).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\security configuration management.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\ffdshow vfw interface (x64).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\mirc\mirc help.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\microsoft .net framework 1.1 wizards.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\directvobsub.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\directvobsub (x64).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\media player classic.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\codec tweak tool.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\java\visit java.com.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\java\get help.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\java\configure java.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\java\check for updates.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\java\about java.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\google chrome\google chrome.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\games\gameexplorer.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\windows powershell modules.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\windows firewall with advanced security.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\task scheduler.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\system configuration.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\administrative tools\services.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\k-lite codec pack\configuration\lav audio (x64).lnk
  • C:\users\all users\microsoft\windows\ringtones\ringtone 01.wma
  • C:\users\all users\microsoft\windows\start menu\programs\mirc\readme.txt.lnk
  • C:\users\all users\package cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\vc_redist.x86.exe
  • C:\users\all users\package cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\state.rsm
  • C:\users\all users\package cache\{6c95b50e-cb5a-4a1f-a7b4-8a6004f8dd6a}\vcredist_x86.exe
  • C:\users\all users\package cache\{6c95b50e-cb5a-4a1f-a7b4-8a6004f8dd6a}\state.rsm
  • C:\users\all users\package cache\{615bc16d-60f5-482e-91b3-b51d8130963b}\vcredist_x86.exe
  • C:\users\all users\package cache\{615bc16d-60f5-482e-91b3-b51d8130963b}\state.rsm
  • C:\users\all users\package cache\{51adbf11-493f-431c-a862-967a0fae2944}\vcredist_x64.exe
  • C:\users\all users\package cache\{a2199617-3609-410f-a8e8-e8806c73545b}\state.rsm
  • C:\users\all users\package cache\{51adbf11-493f-431c-a862-967a0fae2944}\state.rsm
  • C:\users\all users\package cache\{35459b22-19a6-44ec-8d34-27eb3131acac}\state.rsm
  • C:\users\all users\package cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
  • C:\users\all users\package cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\state.rsm
  • C:\users\all users\package cache\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}\vcredist_x86.exe
  • C:\users\all users\package cache\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}\state.rsm
  • C:\users\all users\package cache\{0d3e9e15-de7a-300b-96f1-b4af12b96488}v14.0.23026\packages\vcruntimeminimum_amd64\vc_runtimeminimum_x64.msi
  • C:\users\all users\package cache\{0d3e9e15-de7a-300b-96f1-b4af12b96488}v14.0.23026\packages\vcruntimeminimum_amd64\cab1.cab
  • C:\users\all users\package cache\{35459b22-19a6-44ec-8d34-27eb3131acac}\vcredist_x64.exe
  • C:\users\all users\package cache\{a2199617-3609-410f-a8e8-e8806c73545b}\vcredist_x64.exe
  • C:\users\all users\package cache\{a2563e55-3bec-3828-8d67-e5e8b9e8b675}v14.0.23026\packages\vcruntimeminimum_x86\cab1.cab
  • C:\users\all users\package cache\{a2563e55-3bec-3828-8d67-e5e8b9e8b675}v14.0.23026\packages\vcruntimeminimum_x86\vc_runtimeminimum_x86.msi
  • C:\users\all users\sun\java\java update\jaureglist.xml
  • C:\users\all users\package cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
  • C:\users\all users\package cache\{f65db027-aff3-4070-886a-0d87064aabb1}\state.rsm
  • C:\users\all users\package cache\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}\vcredist_x86.exe
  • C:\users\all users\package cache\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}\state.rsm
  • C:\users\all users\package cache\{e46eca4f-393b-40df-9f49-076faf788d83}\vc_redist.x64.exe
  • C:\users\all users\package cache\{e46eca4f-393b-40df-9f49-076faf788d83}\state.rsm
  • C:\users\all users\package cache\{dde2682b-961a-41ea-8d44-6005991b7947}\vcredist_x64.exe
  • C:\users\all users\package cache\{dde2682b-961a-41ea-8d44-6005991b7947}\state.rsm
  • C:\users\all users\package cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
  • C:\users\all users\package cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\state.rsm
  • C:\users\all users\package cache\{be960c1c-7bad-3de6-8b1a-2616fe532845}v14.0.23026\packages\vcruntimeadditional_x86\vc_runtimeadditional_x86.msi
  • C:\users\all users\package cache\{be960c1c-7bad-3de6-8b1a-2616fe532845}v14.0.23026\packages\vcruntimeadditional_x86\cab1.cab
  • C:\users\all users\package cache\{bc958bd2-5dac-3862-bb1a-c1be0790438d}v14.0.23026\packages\vcruntimeadditional_amd64\vc_runtimeadditional_x64.msi
  • C:\users\all users\package cache\{bc958bd2-5dac-3862-bb1a-c1be0790438d}v14.0.23026\packages\vcruntimeadditional_amd64\cab1.cab
  • C:\users\all users\package cache\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}\vcredist_x86.exe
  • C:\users\all users\package cache\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}\state.rsm
  • C:\users\all users\package cache\{0f12c81f-93ef-46ec-bc94-d952c1a775d4}\vcredist_x64.exe
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\task scheduler.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\windows powershell\windows powershell ise.lnk
  • C:\users\all users\package cache\{01db25f3-1b76-4d97-88c8-1c90634d88fb}\state.rsm
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_099489dd\report.wer
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_088cc9f7\report.wer
  • C:\users\all users\microsoft\windows\start menu\programs\winrar\winrar.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\winrar\winrar help.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\winrar\what is new in the latest version.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\winrar\console rar manual.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\winamp\winamp.lnk
  • C:\users\all users\microsoft\windows\wer\reportqueue\noncritical_x64_5d5d8b7c1982ab7c66cf747e7b18b39e2441a_cab_073d8027\report.wer
  • C:\users\all users\microsoft\windows\start menu\programs\winamp\winamp (safe mode).lnk
  • C:\users\all users\microsoft\windows\start menu\programs\winamp\uninstall winamp.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\steam\steam.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\steam\steam support center.url
  • C:\users\all users\microsoft\windows\start menu\programs\sharepoint\microsoft sharepoint workspace 2010.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\qip 2012\uninstall qip 2012.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\qip 2012\qip 2012.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\qip 2012\qip 2012 on the web.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\winamp\what's new.lnk
  • C:\users\all users\microsoft\windows\wer\reportqueue\noncritical_x64_d473a376adfb18a7b165c5e3c26de43cd8bccb_cab_079d8596\dmi8538.tmp.log.xml
  • C:\users\all users\microsoft\windows\wer\reportqueue\noncritical_x64_d473a376adfb18a7b165c5e3c26de43cd8bccb_cab_079d8596\report.wer
  • C:\users\all users\microsoft\windows\wer\reportqueue\noncritical_x64_4a8ed64bf1962bf234c1a7153259451034e674_cab_0731c4f1\report.wer
  • C:\users\all users\oracle\java\javapath\javaw.exe
  • C:\users\all users\oracle\java\javapath\javaws.exe
  • C:\users\all users\oracle\java\javapath\java.exe
  • C:\users\all users\package cache\42d5bec7ddfbd49e76467529cbc2868987bf8460\packages\patch\x64\windows6.1-kb2999226-x64.msu
  • C:\users\all users\oracle\java\installcache_x64\baseimagefam8
  • C:\users\all users\mozilla\logs\maintenanceservice-uninstall.log
  • C:\users\all users\mozilla\logs\maintenanceservice-install.log
  • C:\users\all users\microsoft toolkit\settings.xml
  • C:\users\all users\microsoft\windows defender\support\mplog-07132009-221054.log
  • C:\users\all users\microsoft\windows defender\definition updates\{d2b0b133-42ed-44d3-809a-46ebb62ba863}\mpengine.dll
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_cab_0841821b\wer5cc2.tmp.werinternalmetadata.xml
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_cab_0841821b\report.wer
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_cab_0841821b\wer7f7e.tmp.mdmp
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_cab_0841821b\wer5cd2.tmp.hdmp
  • C:\users\all users\microsoft\windows\wer\reportqueue\appcrash_autokms.exe_efd62e343880604c4145a2e4462f8c532327bc70_cab_0841821b\wer5c82.tmp.appcompat.txt
  • C:\users\all users\microsoft\windows defender\definition updates\{d2b0b133-42ed-44d3-809a-46ebb62ba863}\mpasdlta.vdm
  • C:\users\all users\microsoft\windows defender\definition updates\{d2b0b133-42ed-44d3-809a-46ebb62ba863}\mpasbase.vdm
  • C:\users\all users\package cache\{01db25f3-1b76-4d97-88c8-1c90634d88fb}\vcredist_x86.exe
  • C:\users\all users\microsoft\windows\start menu\programs\mirc\versions.txt.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\system restore.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\disk cleanup.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\system information.lnk
  • C:\users\all users\microsoft\office\uicaptions\1036\ppintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\sgres.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\visbrres.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\pubwzint.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\pub6intl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\pub6intl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\ppintl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\wwintl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\xlintl32.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\visintl.dll.trx_dll
  • C:\users\all users\microsoft\search\data\applications\windows\gatherlogs\systemindex\systemindex.1.crwl
  • C:\users\all users\microsoft\office\uicaptions\1036\xlintl32.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\xlslicer.dll.trx_dll
  • C:\users\all users\microsoft\search\data\applications\windows\windows.edb
  • C:\users\all users\microsoft\search\data\applications\windows\mssres00002.jrs
  • C:\users\all users\microsoft\search\data\applications\windows\mssres00001.jrs
  • C:\users\all users\microsoft\office\uicaptions\1036\outllibr.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\wwintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\xlintl32.dll.trx_dll
  • C:\users\all users\microsoft\search\data\applications\windows\mss00002.log
  • C:\users\all users\microsoft\search\data\applications\windows\mss.chk
  • C:\users\all users\microsoft\office\uicaptions\3082\xlintl32.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\xlslicer.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\grintl32.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\msointl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\stintl.dll.trx_dll
  • C:\users\all users\microsoft\user account pictures\user.dat
  • C:\users\all users\microsoft\user account pictures\user.bmp
  • C:\users\all users\microsoft\user account pictures\guest.bmp
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\secstore\cist0000.002
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\secstore\cist0000.001
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\secstore\cist0000.000
  • C:\users\all users\microsoft\rac\statedata\racwmidatabookmarks.dat
  • C:\users\all users\microsoft\rac\statedata\racdatabase.sdf
  • C:\users\all users\microsoft\rac\statedata\racwmieventdata.dat
  • C:\users\all users\microsoft\rac\statedata\racmetadata.dat
  • C:\users\all users\microsoft\search\data\applications\windows\gatherlogs\systemindex\systemindex.1.gthr
  • C:\users\all users\microsoft\office\uicaptions\1036\outlwvw.dll.trx_dll
  • %LOCALAPPDATA%\google\chrome\user data\default\web applications\_crx_aohghmighlieiainnegkcijnfilokake\документы google.ico
  • C:\users\all users\microsoft\office\uicaptions\3082\wwintl.rest.trx_dll
  • C:\users\all users\microsoft\rac\publisheddata\racwmidatabase.sdf
  • C:\users\all users\microsoft\ilscache\ilrcache.xml
  • C:\users\all users\microsoft\ilscache\imcrcache.xml
  • C:\users\all users\microsoft\identitycrl\ppcrlui.dll
  • C:\users\all users\microsoft\identitycrl\ppcrlconfig.dll
  • C:\users\all users\microsoft\mf\pending.grl
  • C:\users\all users\microsoft\mf\active.grl
  • C:\users\all users\microsoft\network\downloader\qmgr1.dat
  • C:\users\all users\adobe\setup\{ac76ba86-7ad7-1033-7b44-ac0f074e4100}\setup.ini
  • C:\users\all users\adobe\setup\{ac76ba86-7ad7-1033-7b44-ac0f074e4100}\acrordrdcupd1500820082.msp
  • C:\users\all users\adobe\setup\{ac76ba86-7ad7-1033-7b44-ac0f074e4100}\data1.cab
  • C:\users\all users\adobe\setup\{ac76ba86-7ad7-1033-7b44-ac0f074e4100}\acroread.msi
  • C:\users\all users\adobe\setup\{ac76ba86-7ad7-1033-7b44-ac0f074e4100}\setup.exe
  • C:\users\all users\adobe\arm\s\armmanifest.msi
  • C:\users\all users\adobe\arm\s\10428\adobearmhelper.exe
  • C:\users\all users\adobe\arm\reader_15.007.20033\acrordrdcupd1500920077.msp
  • C:\users\all users\adobe\setup\{ac76ba86-7ad7-1033-7b44-ac0f074e4100}\abcpy.ini
  • C:\users\all users\microsoft\office\documentrepository.ico
  • C:\users\all users\microsoft\network\downloader\qmgr0.dat
  • C:\users\all users\microsoft\office\assetlibrary.ico
  • C:\users\all users\microsoft\officesoftwareprotectionplatform\cache\cache.dat
  • C:\users\all users\microsoft\office\uicaptions\1036\msointl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\envelopr.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\grintl32.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\outllibr.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\onintl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\omsintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\onintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\msointl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\mor6int.rest.trx_dll
  • C:\users\all users\microsoft\office\sharepointportalsite.ico
  • C:\users\all users\microsoft\office\uicaptions\1036\mapir.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\grintl32.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\grintl32.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\1036\envelopr.dll.trx_dll
  • C:\users\all users\microsoft\office\sharepointteamsite.ico
  • C:\users\all users\microsoft\office\mysite.ico
  • C:\users\all users\microsoft\office\mysharepoints.ico
  • C:\users\all users\microsoft\search\data\applications\windows\mss.log
  • C:\users\all users\package cache\{0f12c81f-93ef-46ec-bc94-d952c1a775d4}\state.rsm
  • C:\users\all users\microsoft\office\uicaptions\3082\wwintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\sgres.dll.trx_dll
  • C:\users\all users\microsoft\windows\start menu\programs\windows dvd maker.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\sidebar.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\pidgin.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\opera.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\mozilla thunderbird.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\mozilla firefox.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\media center.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\windows fax and scan.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\acrobat reader dc.lnk
  • C:\users\all users\microsoft\windows\start menu\default programs.lnk
  • C:\users\all users\microsoft\windows\ringtones\ringtone 10.wma
  • C:\users\all users\microsoft\windows\ringtones\ringtone 09.wma
  • C:\users\all users\microsoft\windows\ringtones\ringtone 08.wma
  • C:\users\all users\microsoft\windows\ringtones\ringtone 02.wma
  • C:\users\all users\microsoft\windows\ringtones\ringtone 05.wma
  • C:\users\all users\microsoft\windows\ringtones\ringtone 04.wma
  • C:\users\all users\microsoft\windows\start menu\windows update.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\windows media player.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\xps viewer.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\calculator.lnk
  • C:\users\all users\microsoft\office\uicaptions\3082\visintl.dll.trx_dll
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\resource monitor.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\dfrgui.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\system tools\character map.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\accessibility\speech recognition.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\wordpad.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\welcome center.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\sync center.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\sticky notes.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\sound recorder.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\snipping tool.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\remote desktop connection.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\paint.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\networkprojection.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\mobility center.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\math input panel.lnk
  • C:\users\all users\microsoft\windows\start menu\programs\accessories\displayswitch.lnk
  • C:\users\all users\microsoft\windows\ringtones\ringtone 03.wma
  • C:\users\all users\microsoft\office\uicaptions\3082\visbrres.dll.trx_dll
  • C:\users\all users\microsoft\windows\ringtones\ringtone 06.wma
  • C:\users\all users\microsoft\office\uicaptions\1036\stintl.dll.trx_dll
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\propmap\cipt0000.002
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\propmap\cipt0000.001
  • C:\users\all users\microsoft\office\uicaptions\3082\mapir.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\mor6int.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\msointl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\omsintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\onintl.dll.trx_dll
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\propmap\cipt0000.000
  • C:\users\all users\microsoft\office\uicaptions\3082\onintl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\outllibr.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\outlwvw.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\ppintl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\ppintl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\pub6intl.dll.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\pub6intl.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\pubwzint.rest.trx_dll
  • C:\users\all users\microsoft\office\uicaptions\3082\outllibr.dll.trx_dll
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\00010003.wid
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\00010003.dir
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\00010003.ci
  • C:\users\all users\microsoft\windows\caches\{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x000000000000000e.db
  • C:\users\all users\microsoft\windows\caches\{4e4260a4-7e39-442e-bc22-7ff751d1c161}.2.ver0x0000000000000002.db
  • C:\users\all users\microsoft\windows\caches\{1e8814b6-8f2d-4b97-87f6-9370f7eb40b7}.2.ver0x0000000000000001.db
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciab0001.002
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciab0002.000
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciab0002.001
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciab0002.002
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\00010003.wsb
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciab0001.000
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciab0001.001
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciad0002.000
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciad0002.001
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\ciad0002.002
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\index.000
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\index.001
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\index.002
  • C:\users\all users\microsoft\search\data\applications\windows\projects\systemindex\indexer\cifiles\settings.dia
  • C:\users\all users\microsoft\windows\ringtones\ringtone 07.wma
  • %LOCALAPPDATA%\google\chrome\user data\default\web applications\_crx_aohghmighlieiainnegkcijnfilokake\документы google.ico.md5
Deletes itself.
Modifies user data files (Trojan.Encoder).
Miscellaneous
Creates and executes the following
  • '<SYSTEM32>\cmd.exe' /C choice /C Y /N /D Y /T 3 & Del <Full path to file>' (with hidden window)
Executes the following
  • '%WINDIR%\microsoft.net\framework64\v2.0.50727\dw20.exe' -x -s 1080
  • '<SYSTEM32>\cmd.exe' /C choice /C Y /N /D Y /T 3 & Del <Full path to file>
  • '<SYSTEM32>\choice.exe' /C Y /N /D Y /T 3

Recommandations pour le traitement

  1. Si le système d'exploitation peut être démarré (en mode normal ou en mode sans échec), téléchargez Dr.Web Security Space et lancez un scan complet de votre ordinateur et de tous les supports amovibles que vous utilisez. En savoir plus sur Dr.Web Security Space.
  2. Si le démarrage du système d'exploitation est impossible, veuillez modifier les paramètres du BIOS de votre ordinateur pour démarrer votre ordinateur via CD/DVD ou clé USB. Téléchargez l'image du disque de secours de restauration du système Dr.Web® LiveDisk ou l'utilitaire pour enregistrer Dr.Web® LiveDisk sur une clé USB, puis préparez la clé USB appropriée. Démarrez l'ordinateur à l'aide de cette clé et lancez le scan complet et le traitement des menaces détectées.
Version démo gratuite

 

Télécharger Dr.Web

Par le numéro de série

Veuillez lancer le scan complet du système à l'aide de Dr.Web Antivirus pour Mac OS.

Version démo gratuite

 

Télécharger Dr.Web sur le site

Par le numéro de série

Télécharger Dr.Web sur l'Apple Store

Veuillez lancer le scan complet de toutes les partitions du disque à l'aide de Dr.Web Antivirus pour Linux.

Version démo gratuite

 

Télécharger Dr.Web

Par le numéro de série

  1. Si votre appareil mobile fonctionne correctement, veuillez télécharger et installer sur votre appareil mobile Dr.Web pour Android. Lancez un scan complet et suivez les recommandations sur la neutralisation des menaces détectées.
  2. Si l'appareil mobile est bloqué par le Trojan de la famille Android.Locker (un message sur la violation grave de la loi ou la demande d'une rançon est affiché sur l'écran de l'appareil mobile), procédez comme suit:
    • démarrez votre Smartphone ou votre tablette en mode sans échec (si vous ne savez pas comment faire, consultez la documentation de l'appareil mobile ou contactez le fabricant) ;
    • puis téléchargez et installez sur votre appareil mobile Dr.Web pour Android et lancez un scan complet puis suivez les recommandations sur la neutralisation des menaces détectées ;
    • Débranchez votre appareil et rebranchez-le.

En savoir plus sur Dr.Web pour Android

Free trial

14 days

Download now
Get it on Google Play