Bibliothèque
Ma bibliothèque

+ Ajouter à la bibliothèque

Contacter-nous !
Support 24/24 | Rules regarding submitting

Nous téléphoner

0 825 300 230

Forum

Vos requêtes

  • Toutes : -
  • Non clôturées : -
  • Dernière : le -

Nous téléphoner

0 825 300 230

Profil

Trojan.StartPage.52154

Added to the Dr.Web virus database: 2013-03-30

Virus description added:

Technical Information

Malicious functions:
Creates and executes the following:
  • %WINDIR%\km$mini\kms.exe
  • %WINDIR%\7za.exe x %WINDIR%\KMSmini.7z -y -o%WINDIR%\km$mini\
  • %TEMP%\RarSFX0\HEU_KMS_Activator_v2.1.exe
Executes the following:
  • <SYSTEM32>\reg.exe add "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v HOMEPAGE /t REG_DWORD /d 1 /f
  • <SYSTEM32>\reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d www.81##5.com/?dj### /f
  • <SYSTEM32>\cmd.exe /c ""%TEMP%\RarSFX0\激活.bat" "
Sets a new unauthorized home page for Windows Internet Explorer.
Modifies file system :
Creates the following files:
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._36756CB8_8E69_4D11_9522_68899507CD6A.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._3E4294DD_A765_49BC_8DBD_CF8B62A4BD3D.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._36756CB8_8E69_4D11_9522_68899507CD6A.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._36756CB8_8E69_4D11_9522_68899507CD6A.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._3E4294DD_A765_49BC_8DBD_CF8B62A4BD3D.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._4A5D124A_E620_44BA_B6FF_658961B33B9A.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._3E4294DD_A765_49BC_8DBD_CF8B62A4BD3D.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._3E4294DD_A765_49BC_8DBD_CF8B62A4BD3D.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._1F76E346_E0BE_49BC_9954_70EC53A4FCFE.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._2B88C4F2_EA8F_43CD_805E_4D41346E18A7.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._1F76E346_E0BE_49BC_9954_70EC53A4FCFE.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._1F76E346_E0BE_49BC_9954_70EC53A4FCFE.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._2B88C4F2_EA8F_43CD_805E_4D41346E18A7.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._36756CB8_8E69_4D11_9522_68899507CD6A.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._2B88C4F2_EA8F_43CD_805E_4D41346E18A7.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._2B88C4F2_EA8F_43CD_805E_4D41346E18A7.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._6F327760_8C5C_417C_9B61_836A98287E0C.RAC_Pub.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._92236105_BB67_494F_94C7_7F7A607929BD.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._6F327760_8C5C_417C_9B61_836A98287E0C.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._6F327760_8C5C_417C_9B61_836A98287E0C.RAC_Priv.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._92236105_BB67_494F_94C7_7F7A607929BD.RAC_Priv.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._92236105_BB67_494F_94C7_7F7A607929BD.RAC_Pub.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._92236105_BB67_494F_94C7_7F7A607929BD.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._92236105_BB67_494F_94C7_7F7A607929BD.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._5980CF2B_E460_48AF_921E_0C2A79025D23.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._5980CF2B_E460_48AF_921E_0C2A79025D23.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._4A5D124A_E620_44BA_B6FF_658961B33B9A.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._4A5D124A_E620_44BA_B6FF_658961B33B9A.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._6F327760_8C5C_417C_9B61_836A98287E0C.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._6F327760_8C5C_417C_9B61_836A98287E0C.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._5980CF2B_E460_48AF_921E_0C2A79025D23.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._5980CF2B_E460_48AF_921E_0C2A79025D23.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._1F76E346_E0BE_49BC_9954_70EC53A4FCFE.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.RAC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.RAC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.RAC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.RAC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.RAC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.RAC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.RAC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.RAC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.PKEYCONFIG.SIGNED.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._191301D3_A579_428C_B0C7_D7988500F9E3.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._191301D3_A579_428C_B0C7_D7988500F9E3.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._191301D3_A579_428C_B0C7_D7988500F9E3.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._191301D3_A579_428C_B0C7_D7988500F9E3.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._1CF57A59_C532_4E56_9A7D_FFA2FE94B474.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._1CF57A59_C532_4E56_9A7D_FFA2FE94B474.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._1CF57A59_C532_4E56_9A7D_FFA2FE94B474.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._1CF57A59_C532_4E56_9A7D_FFA2FE94B474.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.SPC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.SPC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.SPC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.SPC.GENERIC.PRIVATE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.SPC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.SPC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.SPC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.SPC.GENERIC.PUBLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._ED34DC89_1C27_4ECD_8B2F_63D0F4CEDC32.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._ED34DC89_1C27_4ECD_8B2F_63D0F4CEDC32.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._ED34DC89_1C27_4ECD_8B2F_63D0F4CEDC32.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\LicenseSetData._ED34DC89_1C27_4ECD_8B2F_63D0F4CEDC32.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._FDF3ECB9_B56F_43B2_A9B8_1B48B6BAE1A7.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._FDF3ECB9_B56F_43B2_A9B8_1B48B6BAE1A7.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._FDF3ECB9_B56F_43B2_A9B8_1B48B6BAE1A7.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\LicenseSetData._FDF3ECB9_B56F_43B2_A9B8_1B48B6BAE1A7.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._E13AC10E_75D0_4AFF_A0CD_764982CF541C.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._E558389C_83C3_4B29_ADFE_5E4D7F46C358.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._E13AC10E_75D0_4AFF_A0CD_764982CF541C.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\LicenseSetData._E13AC10E_75D0_4AFF_A0CD_764982CF541C.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._E558389C_83C3_4B29_ADFE_5E4D7F46C358.RAC_Priv.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._E558389C_83C3_4B29_ADFE_5E4D7F46C358.RAC_Pub.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._E558389C_83C3_4B29_ADFE_5E4D7F46C358.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._E558389C_83C3_4B29_ADFE_5E4D7F46C358.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\office15win7\OSPPREARM.EXE
  • %WINDIR%\km$mini\srvany.exe
  • %WINDIR%\km$mini\office14win8\ospprearm.exe
  • %WINDIR%\km$mini\OSPPREARM.EXE
  • %TEMP%\apm3.tmp
  • %TEMP%\apm4.tmp
  • %WINDIR%\km$mini\office14win7\osppc.dll
  • %WINDIR%\km$mini\office14win8\osppc.dll
  • %WINDIR%\km$mini\instsrv.exe
  • %WINDIR%\km$mini\KMS Client.exe
  • %WINDIR%\km$mini\cscript.exe
  • %WINDIR%\km$mini\hstart.exe
  • %WINDIR%\km$mini\msgbox.exe
  • %WINDIR%\km$mini\office14win7\ospprearm.exe
  • %WINDIR%\km$mini\kms.exe
  • %WINDIR%\km$mini\KMService.exe
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._DF133FF7_BF14_4F95_AFE3_7B48E7E331EF.RAC_Pub.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._A24CCA51_3D54_4C41_8A76_4031F5338CB2.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._A24CCA51_3D54_4C41_8A76_4031F5338CB2.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._9ED833FF_4F92_4F36_B370_8683A4F13275.RAC_Priv.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._9ED833FF_4F92_4F36_B370_8683A4F13275.RAC_Pub.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._B13AFB38_CD79_4AE5_9F7F_EED058D750CA.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._B13AFB38_CD79_4AE5_9F7F_EED058D750CA.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._A24CCA51_3D54_4C41_8A76_4031F5338CB2.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._A24CCA51_3D54_4C41_8A76_4031F5338CB2.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._9DA2A678_FB6B_4E67_AB84_60DD6A9C819A.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._9DA2A678_FB6B_4E67_AB84_60DD6A9C819A.RAC_Priv.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._9DA2A678_FB6B_4E67_AB84_60DD6A9C819A.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._9DA2A678_FB6B_4E67_AB84_60DD6A9C819A.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._9ED833FF_4F92_4F36_B370_8683A4F13275.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._9ED833FF_4F92_4F36_B370_8683A4F13275.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._9DA2A678_FB6B_4E67_AB84_60DD6A9C819A.RAC_Pub.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._9ED833FF_4F92_4F36_B370_8683A4F13275.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._DD457678_5C3E_48E4_BC67_A89B7A3E3B44.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._DD457678_5C3E_48E4_BC67_A89B7A3E3B44.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._DD457678_5C3E_48E4_BC67_A89B7A3E3B44.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\LicenseSetData._DD457678_5C3E_48E4_BC67_A89B7A3E3B44.PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._DF133FF7_BF14_4F95_AFE3_7B48E7E331EF.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._DF133FF7_BF14_4F95_AFE3_7B48E7E331EF.RAC_Priv.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._DF133FF7_BF14_4F95_AFE3_7B48E7E331EF.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\LicenseSetData._DF133FF7_BF14_4F95_AFE3_7B48E7E331EF.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._B322DA9C_A2E2_4058_9E4E_F59A6970BD69.PL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._B322DA9C_A2E2_4058_9E4E_F59A6970BD69.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\LicenseSetData._B13AFB38_CD79_4AE5_9F7F_EED058D750CA.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\LicenseSetData._B322DA9C_A2E2_4058_9E4E_F59A6970BD69.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._CAB3A4C4_F31A_4C12_AFA9_A0EECC86BD95.PL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._CAB3A4C4_F31A_4C12_AFA9_A0EECC86BD95.PPDLIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._CAB3A4C4_F31A_4C12_AFA9_A0EECC86BD95.OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\LicenseSetData._CAB3A4C4_F31A_4C12_AFA9_A0EECC86BD95.PHN.xrm-ms
  • %WINDIR%\km$mini\office14win7\ospp.vbs
  • %WINDIR%\km$mini\office14win8\ospp.vbs
  • %WINDIR%\km$mini\SLERROR.XML
  • %WINDIR%\km$mini\msg.vbs
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\license.reg
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\license.reg
  • %WINDIR%\km$mini\office15win7\OSPP.VBS
  • %WINDIR%\km$mini\OSPP.VBS
  • %WINDIR%\km$mini\shuten.cmd
  • %WINDIR%\km$mini\win.cmd
  • %WINDIR%\km$mini\rewin.cmd
  • %WINDIR%\km$mini\shut.cmd
  • %WINDIR%\km$mini\office14win8\slerror.xml
  • %WINDIR%\km$mini\office15win7\SLERROR.XML
  • %WINDIR%\km$mini\winen.cmd
  • %WINDIR%\km$mini\office14win7\slerror.xml
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.ISSUANCE.CLIENT_BRIDGE_OFFICE.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.ISSUANCE.CLIENT_BRIDGE_OFFICE.xrm-ms
  • %WINDIR%\km$mini\service.inf
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.ISSUANCE.CLIENT_BRIDGE_OFFICE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_PKC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_PKC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.ISSUANCE.CLIENT_BRIDGE_OFFICE.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_PKC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\project.reg
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\proplus.reg
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\license.reg
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\license.reg
  • %WINDIR%\km$mini\使用教程.pdf
  • %WINDIR%\km$mini\kms.apm
  • %WINDIR%\km$mini\cert\kmscert2013\standard\standard.reg
  • %WINDIR%\km$mini\cert\kmscert2013\visio\visio.reg
  • %WINDIR%\km$mini\reof.cmd
  • %WINDIR%\km$mini\ckof.cmd
  • %WINDIR%\km$mini\ckwin.cmd
  • %WINDIR%\km$mini\actonline.cmd
  • %WINDIR%\km$mini\actonlineen.cmd
  • %WINDIR%\km$mini\KeyMngOf.cmd
  • %WINDIR%\km$mini\KeyMngOfen.cmd
  • %WINDIR%\km$mini\cleankms.cmd
  • %WINDIR%\km$mini\help.cmd
  • %TEMP%\aut1.tmp
  • %WINDIR%\KMSmini.7z
  • %TEMP%\RarSFX0\HEU_KMS_Activator_v2.1.exe
  • %TEMP%\RarSFX0\激活.bat
  • %WINDIR%\km$mini\act.cmd
  • %WINDIR%\km$mini\acten.cmd
  • %TEMP%\aut2.tmp
  • %WINDIR%\7za.exe
  • %WINDIR%\km$mini\office15.cmd
  • %WINDIR%\km$mini\office15en.cmd
  • %WINDIR%\km$mini\office14.cmd
  • %WINDIR%\km$mini\office14en.cmd
  • %WINDIR%\km$mini\re2vl.cmd
  • %WINDIR%\km$mini\re2vlen.cmd
  • %WINDIR%\km$mini\Qemu.cmd
  • %WINDIR%\km$mini\Qemuen.cmd
  • %WINDIR%\km$mini\kill.cmd
  • %WINDIR%\km$mini\killen.cmd
  • %WINDIR%\km$mini\KeyMngW.cmd
  • %WINDIR%\km$mini\KeyMngWen.cmd
  • %WINDIR%\km$mini\kmsname.cmd
  • %WINDIR%\km$mini\kmsnameen.cmd
  • %WINDIR%\km$mini\KMSIns.cmd
  • %WINDIR%\km$mini\KMSInsen.cmd
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OEM.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OEM.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OEM.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OEM.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_PHN.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_WGALIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_WGALIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_WGALIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_WGALIC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.ISSUANCE.CLIENT_UL_OOB.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_RAC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_RAC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_PPD.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_RAC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_RAC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_PLUGIN_MANIFEST.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_PLUGIN_MANIFEST.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_PKC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_PLUGIN_MANIFEST.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_PPD.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_PPD.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_PLUGIN_MANIFEST.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_PPD.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_SPC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_SPC.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.ISSUANCE.CLIENT_ROOT_BRIDGE_TEST.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_SPC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Standard2010Vol\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\OfficeProplus2010Vol\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_SPC.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\ProjectPro2010Vol\Licenses.sl.ISSUANCE.CLIENT_STIL.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\Office2010Vol\Visio2010Vol\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\proplus\Licenses.sl.ISSUANCE.CLIENT_ROOT_BRIDGE_TEST.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\visio\Licenses.sl.ISSUANCE.CLIENT_ROOT_BRIDGE_TEST.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\standard\Licenses.sl.ISSUANCE.CLIENT_ROOT.xrm-ms
  • %WINDIR%\km$mini\cert\kmscert2013\project\Licenses.sl.ISSUANCE.CLIENT_ROOT_BRIDGE_TEST.xrm-ms
Deletes the following files:
  • %TEMP%\apm4.tmp
  • %TEMP%\aut2.tmp
  • %TEMP%\aut1.tmp
Miscellaneous:
Searches for the following windows:
  • ClassName: 'Shell_TrayWnd' WindowName: ''
  • ClassName: 'EDIT' WindowName: ''

Recommandations pour le traitement

  1. Si le système d'exploitation peut être démarré (en mode normal ou en mode sans échec), téléchargez Dr.Web Security Space et lancez un scan complet de votre ordinateur et de tous les supports amovibles que vous utilisez. En savoir plus sur Dr.Web Security Space.
  2. Si le démarrage du système d'exploitation est impossible, veuillez modifier les paramètres du BIOS de votre ordinateur pour démarrer votre ordinateur via CD/DVD ou clé USB. Téléchargez l'image du disque de secours de restauration du système Dr.Web® LiveDisk ou l'utilitaire pour enregistrer Dr.Web® LiveDisk sur une clé USB, puis préparez la clé USB appropriée. Démarrez l'ordinateur à l'aide de cette clé et lancez le scan complet et le traitement des menaces détectées.

Veuillez lancer le scan complet du système à l'aide de Dr.Web Antivirus pour Mac OS.

Veuillez lancer le scan complet de toutes les partitions du disque à l'aide de Dr.Web Antivirus pour Linux.

  1. Si votre appareil mobile fonctionne correctement, veuillez télécharger et installer sur votre appareil mobile Dr.Web pour Android. Lancez un scan complet et suivez les recommandations sur la neutralisation des menaces détectées.
  2. Si l'appareil mobile est bloqué par le Trojan de la famille Android.Locker (un message sur la violation grave de la loi ou la demande d'une rançon est affiché sur l'écran de l'appareil mobile), procédez comme suit:
    • démarrez votre Smartphone ou votre tablette en mode sans échec (si vous ne savez pas comment faire, consultez la documentation de l'appareil mobile ou contactez le fabricant) ;
    • puis téléchargez et installez sur votre appareil mobile Dr.Web pour Android et lancez un scan complet puis suivez les recommandations sur la neutralisation des menaces détectées ;
    • Débranchez votre appareil et rebranchez-le.

En savoir plus sur Dr.Web pour Android