Trojan.KillProc2.25389

Added to the Dr.Web virus database: 2025-07-10

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Treatment recommendations

  1. If the operating system can be booted (in normal mode or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of all removable media you use. Learn more about Dr.Web Security Space.
  2. If the operating system cannot be booted, change your computer's BIOS settings to boot from a CD/DVD or a USB drive. Download the image of the Dr.Web® LiveDisk system recovery disk, or the utility for writing Dr.Web® LiveDisk to a USB drive, then prepare the appropriate USB drive. Boot the computer from this drive, run a full scan and cure the detected threats.

Run a full system scan with Dr.Web Antivirus for Mac OS.

Run a full scan of all disk partitions with Dr.Web Antivirus for Linux.

  1. If your mobile device is working correctly, download and install Dr.Web for Android on it. Run a full scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device is locked by a Trojan of the Android.Locker family (a message about a serious violation of the law or a ransom demand is displayed on the device's screen), proceed as follows:
    • boot your smartphone or tablet in safe mode (if you do not know how to do this, consult the device's documentation or contact the manufacturer);
    • then download and install Dr.Web for Android on your mobile device, run a full scan and follow the recommendations for neutralizing the detected threats;
    • disconnect your device and reconnect it.

Learn more about Dr.Web for Android