Pour les utilisateurs

Fermer

Bibliothèque
Ma bibliothèque

+ Ajouter à la bibliothèque

Recherche
Recherche

Contacter-nous !
Support 24/24 | Rules regarding submitting

Envoyer un message

Requête à l'aide du formulaire

Nous téléphoner

0 825 300 230

Forum

Vos requêtes

  • Toutes : -
  • Non clôturées : -
  • Dernière : le -
Créer une nouvelle requête

Nous téléphoner

0 825 300 230

Profil

FR

RU CN DE EN ES FR IT JP KZ UZ PL BY ID
Fermer
Services support
Scanners
Dr.Web vxCube
Démo
Bibliothèque virale
Base documentaire

TECHNOLOGIES

TERMINOLOGIE

COURS ET EDU

MYTHES

Actualités

Trojan.KillProc2.25533

Added to the Dr.Web virus database: 2025-07-10

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
  • %WINDIR%y1s2fctrp3
  • %CommonProgramFiles%\microsoft shared\eq7k2xcxt porn mzwpstr8n vjq39c1gwy nrb42wq .rar.exe
  • %ProgramFiles%\dvd maker\shared\s2fkave w6csjja14n1 gay apv53deiq9fw .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\8r3baiec 8ok6yf tsomq34 big (jade).mpg.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\fac71w2 horse xxx hot (!) (2hbt8wr).mpeg.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\horse uncut .mpg.exe
  • %ProgramFiles%\microsoft office\templates\mzwpstr8n girls (sarah).zip.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\beast apv53deiq9fw 8bgkvshe1 .avi.exe
  • %ProgramFiles%\windows journal\templates\gzn4ud7e w6csjja14n1 mnho9y54 hot (!) .zip.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\beast [milf] (jade).rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\fac71w2 8ok6yf beast bq4kno hole qx2j1b5 .mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\eq7k2xcxt porn gay bq4kno hole sweet (jade).mpg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\f07qtt horse nom72kl [free] .rar.exe
  • %CommonProgramFiles(x86)%\microsoft shared\eq7k2xcxt wep6b08 bq4kno glans ol6p1tua .rar.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\ hot (!) cock .mpeg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\fac71w2 horse sperm hot (!) feet shoes (y8oxsqa).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\f1i7cm w6csjja14n1 lpcu5ai3 bq4kno nrb42wq .zip.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\black bd1l5ir mnho9y54 l9hwcs7vvnphd9 .avi.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\upfgetx cum yzw1afy [milf] feet ash .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\z9z7rwe bd1l5ir mnho9y54 [free] titts .avi.exe
  • %ALLUSERSPROFILE%\templates\s2fkave bd1l5ir sperm uncut lady .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\gay vjq39c1gwy boots .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\ [milf] sm (sonja,sarah).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\z9z7rwe bd1l5ir yzw1afy [milf] (liz).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\8r3baiec w6csjja14n1 beast [free] boots .avi.exe
  • %ALLUSERSPROFILE%\templates\eq7k2xcxt w6csjja14n1 nom72kl epyxwn hairy .mpg.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\s2fkave 8ok6yf 7vepaqjm .mpeg.exe
  • C:\users\default\appdata\local\temp\f07qtt wep6b08 xxx hot (!) glans girly .avi.exe
  • C:\users\default\appdata\local\<INETFILES>\black nude beast apv53deiq9fw (sarah).zip.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\fac71w2 porn lpcu5ai3 hot (!) hole .mpg.exe
  • C:\users\default\templates\z9z7rwe cum lpcu5ai3 big qx2j1b5 (rdl1tfkz,sarah).mpeg.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\eq7k2xcxt 8ok6yf mnho9y54 bq4kno (dxocjwba).avi.exe
  • %TEMP%\horse [free] hole 779mipj .rar.exe
  • %LOCALAPPDATA%\<INETFILES>\gay sgu4m7oc ash (sonja,liz).rar.exe
  • %LOCALAPPDATA%low\mozilla\temp-{070abd97-84e1-4f5f-9c02-f1d76dd9fce4}\eq7k2xcxt h93bklf sperm sgu4m7oc .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{1fae114c-c2b0-4da1-b23a-8e5ad0c3d722}\f1i7cm horse mnho9y54 uncut 8pfmdyy .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{3571406e-c08c-4c74-b145-8857b365f6e7}\f1i7cm wep6b08 nom72kl [bangbus] titts ol6p1tua (liz).zip.exe
  • %APPDATA%\microsoft\templates\black 7nd83wovj mzwpstr8n apv53deiq9fw .mpg.exe
  • %APPDATA%\microsoft\windows\templates\f07qtt porn vjq39c1gwy glans sm .zip.exe
  • %APPDATA%\mozilla\firefox\profiles\v08trqk6.default-release\storage\temporary\z9z7rwe bd1l5ir ihthd33 .avi.exe
  • %APPDATA%\thunderbird\profiles\chdgbv82.default-release\storage\temporary\s2fkave bd1l5ir uncut wifey .avi.exe
  • %HOMEPATH%\templates\8r3baiec porn xxx [bangbus] hole 8bgkvshe1 (y8oxsqa).avi.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\gzn4ud7e 8ok6yf lpcu5ai3 girls sm .mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\8r3baiec 7nd83wovj nom72kl vjq39c1gwy gh5b6gd7wrv .zip.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\lpcu5ai3 hot (!) feet shoes .mpg.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\mnho9y54 vjq39c1gwy hole sweet (2hbt8wr).rar.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\eq7k2xcxt cum sperm big (cy4xpd).zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\gay sgu4m7oc 40+ (gina,g6u8n4r).mpeg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\ddqayq mzwpstr8n uncut feet boots .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\mzwpstr8n epyxwn .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\black xakmpl sperm uncut balls .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\s2fkave nude beast [free] .avi.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\beast ihthd33 .mpg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\mzwpstr8n epyxwn nmibe2 .zip.exe
  • %WINDIR%\assembly\temp\ sgu4m7oc (y8oxsqa).mpg.exe
  • %WINDIR%\assembly\tmp\8r3baiec w6csjja14n1 yzw1afy epyxwn (cy4xpd).mpeg.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\upfgetx 7nd83wovj tsomq34 big nmibe2 .zip.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\gzn4ud7e ddqayq tsomq34 sgu4m7oc titts sweet .mpg.exe
  • %WINDIR%\pla\templates\f07qtt nude tsomq34 big sgoibhh .mpeg.exe
  • %WINDIR%\security\templates\8r3baiec xakmpl yzw1afy sgu4m7oc hole lzxyhb7k .rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\ [milf] hotel .rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\f1i7cm w6csjja14n1 nom72kl 40+ .rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\fac71w2 ddqayq xxx bq4kno 8bgkvshe1 .rar.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\eq7k2xcxt h93bklf xxx bq4kno .mpeg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\ddqayq mzwpstr8n girls nmibe2 .mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\z9z7rwe w6csjja14n1 xxx l9hwcs7vvnphd9 hole (dehod0,g6u8n4r).avi.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\z9z7rwe porn [milf] lady .zip.exe
  • %WINDIR%\syswow64\fxstmp\wpjwijv horse 7vepaqjm titts .rar.exe
  • %WINDIR%\syswow64\ime\shared\upfgetx ddqayq horse apv53deiq9fw titts (rdl1tfkz,2hbt8wr).mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\horse [milf] nmibe2 (sonja,sarah).zip.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\8r3baiec h93bklf l9hwcs7vvnphd9 titts girly .rar.exe
  • %WINDIR%\syswow64\fxstmp\8r3baiec ddqayq yzw1afy big fw58kpr41ob1w .mpg.exe
  • %WINDIR%\syswow64\ime\shared\mnho9y54 uncut b37oavmx289 .avi.exe
  • %WINDIR%\temp\fac71w2 ddqayq yzw1afy girls cock .avi.exe
  • %WINDIR%\winsxs\installtemp\8r3baiec nude beast hot (!) .avi.exe
  • <Current directory>\sqjaed7r1vnw
  • %CommonProgramFiles%\microsoft shared\ lpcu5ai3 [milf] legs qq6w54yfhtqrbwcslg .mpg.exe
  • %CommonProgramFiles%\microsoft shared\z9z7rwe nom72kl vjq39c1gwy sgoibhh .mpg.exe
  • %ProgramFiles%\dvd maker\shared\7b6fhxi beast nude apv53deiq9fw ejn547rbxhd1 .zip.exe
  • %ProgramFiles%\dvd maker\shared\mzwpstr8n 7vepaqjm sweet (2hbt8wr).zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\zc8giv9 beast nude l9hwcs7vvnphd9 gsva2xn .avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\zc8giv9 h93bklf gay sgu4m7oc titts fw58kpr41ob1w .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\horse l9hwcs7vvnphd9 (sarah,haj1oyikd).avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\asian horse nom72kl ihthd33 boobs nmibe2 .zip.exe
  • %ProgramFiles%\microsoft office\templates\gay cum [free] .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\ddqayq bq4kno b37oavmx289 .mpeg.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\7b6fhxi 7nd83wovj big .avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\z9z7rwe sperm l9hwcs7vvnphd9 jxqgtp qx2j1b5 .zip.exe
  • %ProgramFiles%\windows journal\templates\upfgetx xakmpl lpcu5ai3 bq4kno feet .rar.exe
  • %ProgramFiles%\microsoft office\templates\wpjwijv lpcu5ai3 horse [free] feet ejn547rbxhd1 (sandy).zip.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\f07qtt nude big zn3tvn (jade,c4w8hqa).mpeg.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\f07qtt nude nude uncut hole ae2sd7u4xh (sarah,haj1oyikd).avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\z1qxwcd 8ok6yf bd1l5ir ihthd33 feet lzxyhb7k .avi.exe
  • %ProgramFiles%\windows journal\templates\nom72kl epyxwn legs .rar.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\sperm uncut kfp2yqq .avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\jxaglwti porn 8ok6yf uncut qx2j1b5 (cy4xpd,2hbt8wr).mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\wep6b08 bq4kno feet girly (sonja).avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\f07qtt mnho9y54 epyxwn (karin,36mho73).avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\mnho9y54 big fw58kpr41ob1w .mpeg.exe
  • %CommonProgramFiles(x86)%\microsoft shared\sperm apv53deiq9fw kfp2yqq .avi.exe
  • %CommonProgramFiles(x86)%\microsoft shared\upfgetx nude l9hwcs7vvnphd9 .rar.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\cum xxx uncut (sandy).rar.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\w6csjja14n1 h93bklf ihthd33 .mpeg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\f07qtt beast 7nd83wovj uncut eigt45 (36mho73,2hbt8wr).avi.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\horse [milf] ash qx2j1b5 (cy4xpd,rdl1tfkz).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\bd1l5ir ihthd33 gh5b6gd7wrv (sonja,36mho73).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\asian yzw1afy xakmpl l9hwcs7vvnphd9 (liz,sonja).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\bd1l5ir h93bklf nom72kl .rar.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\8r3baiec w6csjja14n1 uncut qx2j1b5 (karin,jade).zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\zc8giv9 gay hot (!) ash nmibe2 (sarah).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\8r3baiec mzwpstr8n big zn3tvn (sarah,c4w8hqa).avi.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\8r3baiec mnho9y54 vjq39c1gwy .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\asian beast [milf] .mpg.exe
  • %ALLUSERSPROFILE%\templates\8r3baiec mnho9y54 7vepaqjm legs .mpg.exe
  • %ALLUSERSPROFILE%\templates\ikdyfwhy 8ok6yf 7nd83wovj big js80j73 .zip.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\bd1l5ir porn vjq39c1gwy (cy4xpd).avi.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\7nd83wovj l9hwcs7vvnphd9 (liz,sarah).zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\wep6b08 sperm sgu4m7oc .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\w6csjja14n1 apv53deiq9fw 40+ .zip.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\wpjwijv cum nom72kl fw58kpr41ob1w (jade,jade).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\beast nom72kl l9hwcs7vvnphd9 zmc8ujp .mpeg.exe
  • %ALLUSERSPROFILE%\templates\0287zh porn vjq39c1gwy feet .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\gzn4ud7e horse sgu4m7oc ol6p1tua (sonja,y8oxsqa).rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\w6csjja14n1 wep6b08 [bangbus] titts 40+ .mpeg.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\beast nom72kl js80j73 .zip.exe
  • C:\users\default\appdata\local\temp\horse bq4kno qx2j1b5 .mpeg.exe
  • %ALLUSERSPROFILE%\templates\mnho9y54 wep6b08 [milf] zn3tvn (36mho73).rar.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\zc8giv9 tsomq34 uncut (sonja,jade).mpg.exe
  • C:\users\default\appdata\local\<INETFILES>\7nd83wovj nude l9hwcs7vvnphd9 wifey .zip.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\gzn4ud7e beast hot (!) kfp2yqq 8bgkvshe1 (sonja).mpeg.exe
  • C:\users\default\templates\s2fkave horse hot (!) feet rv0y8n .avi.exe
  • C:\users\default\appdata\local\temp\f07qtt sperm nom72kl balls .zip.exe
  • C:\users\default\appdata\local\<INETFILES>\lpcu5ai3 [milf] fishy (2hbt8wr,sandy).mpeg.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\upfgetx lpcu5ai3 big ash (jenna,y8oxsqa).avi.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\lpcu5ai3 nude epyxwn qq6w54yfhtqrbwcslg (cy4xpd,jenna).avi.exe
  • C:\users\default\templates\0287zh beast xakmpl big ash (c4w8hqa,y8oxsqa).rar.exe
  • %TEMP%\7b6fhxi cum 7vepaqjm hairy (dehod0,dehod0).rar.exe
  • %LOCALAPPDATA%\<INETFILES>\viaz50 xxx l9hwcs7vvnphd9 50+ (jenna).mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{070abd97-84e1-4f5f-9c02-f1d76dd9fce4}\z9z7rwe ddqayq ihthd33 b37oavmx289 (sonja,rdl1tfkz).mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{1fae114c-c2b0-4da1-b23a-8e5ad0c3d722}\f07qtt 7nd83wovj bd1l5ir uncut ash .mpeg.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\f1i7cm lpcu5ai3 8ok6yf uncut ash .mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{3571406e-c08c-4c74-b145-8857b365f6e7}\s2fkave lpcu5ai3 w6csjja14n1 uncut kfp2yqq girly .avi.exe
  • %TEMP%\viaz50 xakmpl big ol6p1tua (g6u8n4r).avi.exe
  • %LOCALAPPDATA%\<INETFILES>\eq7k2xcxt apv53deiq9fw glans latex (c4w8hqa,hyo87il).zip.exe
  • %LOCALAPPDATA%low\mozilla\temp-{070abd97-84e1-4f5f-9c02-f1d76dd9fce4}\eq7k2xcxt xakmpl [free] zn3tvn .mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{1fae114c-c2b0-4da1-b23a-8e5ad0c3d722}\gay mzwpstr8n vjq39c1gwy 50+ .zip.exe
  • %APPDATA%\microsoft\templates\8r3baiec cum apv53deiq9fw (g6u8n4r,dxocjwba).mpg.exe
  • %APPDATA%\microsoft\windows\templates\f1i7cm horse epyxwn boobs lzxyhb7k .rar.exe
  • %LOCALAPPDATA%low\mozilla\temp-{3571406e-c08c-4c74-b145-8857b365f6e7}\wep6b08 mzwpstr8n [milf] glans boots .avi.exe
  • %APPDATA%\mozilla\firefox\profiles\v08trqk6.default-release\storage\temporary\xxx hot (!) jxqgtp sgoibhh (dehod0).zip.exe
  • %APPDATA%\microsoft\templates\ikdyfwhy horse bq4kno qx2j1b5 .zip.exe
  • %APPDATA%\thunderbird\profiles\chdgbv82.default-release\storage\temporary\4h1e2a346 porn sgu4m7oc cock hairy (sarah).mpg.exe
  • %HOMEPATH%\templates\f07qtt nude xakmpl sgu4m7oc balls .rar.exe
  • %APPDATA%\microsoft\windows\templates\horse h93bklf l9hwcs7vvnphd9 .mpg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\f1i7cm nude [free] gh5b6gd7wrv .mpg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\ bq4kno (sarah).mpg.exe
  • %APPDATA%\mozilla\firefox\profiles\v08trqk6.default-release\storage\temporary\wpjwijv gay uncut legs sweet .rar.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\black cum 7vepaqjm (jade).mpg.exe
  • %APPDATA%\thunderbird\profiles\chdgbv82.default-release\storage\temporary\xakmpl vjq39c1gwy (jenna).zip.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\jxaglwti nude yzw1afy [free] eigt45 .mpg.exe
  • %HOMEPATH%\templates\upfgetx xxx horse girls .rar.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\8r3baiec xakmpl 7nd83wovj epyxwn b37oavmx289 .avi.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\z9z7rwe horse tsomq34 7vepaqjm zmc8ujp .mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\wep6b08 sgu4m7oc .avi.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\yzw1afy epyxwn .mpg.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\fac71w2 sperm horse 7vepaqjm .mpg.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\fac71w2 horse 8ok6yf ihthd33 nrb42wq (sandy).mpeg.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\horse uncut mg9fvb2xk9 .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\asian ddqayq sgu4m7oc feet .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\7b6fhxi nom72kl lpcu5ai3 vjq39c1gwy glans zn3tvn .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\z1qxwcd bd1l5ir epyxwn .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\7nd83wovj bq4kno glans .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\7nd83wovj girls glans b37oavmx289 .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\wpjwijv xxx 7nd83wovj girls lzxyhb7k .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\horse vjq39c1gwy rv0y8n .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\tsomq34 xakmpl girls kfp2yqq .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\sperm [free] rv0y8n .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\ vjq39c1gwy boobs .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\nude w6csjja14n1 girls .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\wpjwijv h93bklf ihthd33 qx2j1b5 (y8oxsqa,36mho73).mpeg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\0287zh bd1l5ir epyxwn fw58kpr41ob1w .mpg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\7b6fhxi 8ok6yf 7nd83wovj girls hairy .avi.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\gay sgu4m7oc girly .zip.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\bd1l5ir epyxwn legs hotel .mpeg.exe
  • %WINDIR%\assembly\temp\f1i7cm beast ddqayq bq4kno jxqgtp (gina).mpeg.exe
  • %WINDIR%\assembly\temp\0287zh yzw1afy gay [free] qq6w54yfhtqrbwcslg .rar.exe
  • %WINDIR%\assembly\tmp\eq7k2xcxt w6csjja14n1 xxx [milf] titts ae2sd7u4xh .mpg.exe
  • %WINDIR%\assembly\tmp\asian xakmpl beast ihthd33 gsva2xn .avi.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\upfgetx cum 7nd83wovj [milf] nmibe2 .mpg.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\jxaglwti cum xakmpl sgu4m7oc latex .mpeg.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\gzn4ud7e porn sgu4m7oc cock .mpg.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\mzwpstr8n h93bklf girls gh5b6gd7wrv .rar.exe
  • %WINDIR%\pla\templates\sperm cum big boobs fishy .mpeg.exe
  • %WINDIR%\pla\templates\yzw1afy 7vepaqjm hole .avi.exe
  • %WINDIR%\security\templates\eq7k2xcxt horse w6csjja14n1 hot (!) .avi.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\ikdyfwhy gay girls hole .mpg.exe
  • %WINDIR%\security\templates\fac71w2 xxx ihthd33 kfp2yqq qx2j1b5 (cy4xpd,36mho73).rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\7b6fhxi wep6b08 vjq39c1gwy lady .rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\gzn4ud7e nom72kl porn girls (sonja,gina).zip.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\nude nom72kl qq6w54yfhtqrbwcslg .zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\zc8giv9 h93bklf [free] 779mipj .zip.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\tsomq34 xakmpl hot (!) eigt45 .mpeg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\xxx uncut shoes .mpg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\zc8giv9 cum [free] gh5b6gd7wrv (karin,jenna).mpg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\7b6fhxi xxx gay [free] girly (dehod0).zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\zc8giv9 wep6b08 apv53deiq9fw js80j73 (sonja,haj1oyikd).rar.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\horse 7vepaqjm .mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\horse [free] gsva2xn (sonja).rar.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\ikdyfwhy cum nude bq4kno .avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\ uncut eigt45 (sonja).zip.exe
  • %WINDIR%\syswow64\config\systemprofile\gay beast [bangbus] kfp2yqq ash .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\beast lpcu5ai3 big .zip.exe
  • %WINDIR%\syswow64\fxstmp\4h1e2a346 beast girls .avi.exe
  • %WINDIR%\syswow64\ime\shared\beast horse uncut (cy4xpd,sonja).rar.exe
  • %WINDIR%\syswow64\fxstmp\4h1e2a346 mnho9y54 l9hwcs7vvnphd9 qx2j1b5 .mpg.exe
  • %WINDIR%\syswow64\ime\shared\ddqayq xakmpl [milf] js80j73 (2hbt8wr).mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\4h1e2a346 mnho9y54 vjq39c1gwy nmibe2 .mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\s2fkave w6csjja14n1 w6csjja14n1 uncut ash (sandy,sonja).mpeg.exe
  • %WINDIR%\syswow64\fxstmp\asian xakmpl mnho9y54 [milf] boots .mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\z9z7rwe mnho9y54 horse epyxwn boobs zn3tvn .rar.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\beast sgu4m7oc gh5b6gd7wrv .mpeg.exe
  • %WINDIR%\syswow64\ime\shared\0287zh horse apv53deiq9fw titts (sandy,y8oxsqa).mpeg.exe
  • %WINDIR%\syswow64\fxstmp\eq7k2xcxt xxx w6csjja14n1 vjq39c1gwy young .rar.exe
  • %WINDIR%\syswow64\ime\shared\viaz50 cum apv53deiq9fw sm .avi.exe
  • %WINDIR%\temp\yzw1afy big hairy .avi.exe
  • %WINDIR%\temp\w6csjja14n1 [free] 8pfmdyy .mpg.exe
  • %WINDIR%\winsxs\installtemp\upfgetx mzwpstr8n nom72kl hot (!) 8bgkvshe1 .rar.exe
  • %WINDIR%\winsxs\installtemp\7b6fhxi 8ok6yf [bangbus] 779mipj .zip.exe
  • %CommonProgramFiles%\microsoft shared\7b6fhxi 8ok6yf yzw1afy uncut (haj1oyikd,jenna).mpg.exe
  • %ProgramFiles%\dvd maker\shared\jxaglwti xakmpl nom72kl feet hotel (y8oxsqa).avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\gzn4ud7e 7nd83wovj l9hwcs7vvnphd9 girly .mpg.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\upfgetx yzw1afy 8ok6yf [free] jxqgtp .avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\gay mzwpstr8n girls hole .rar.exe
  • %ProgramFiles%\microsoft office\templates\w6csjja14n1 h93bklf bq4kno latex .rar.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\jxaglwti nom72kl [bangbus] .zip.exe
  • %ProgramFiles%\windows journal\templates\f1i7cm sperm mnho9y54 apv53deiq9fw 8bgkvshe1 .avi.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\wpjwijv wep6b08 horse vjq39c1gwy lzxyhb7k .mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\ikdyfwhy cum epyxwn zn3tvn (sonja,karin).avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\fac71w2 cum nude nom72kl .rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\eq7k2xcxt wep6b08 ihthd33 (karin).mpeg.exe
  • %CommonProgramFiles(x86)%\microsoft shared\black xxx tsomq34 bq4kno zn3tvn .avi.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\z9z7rwe w6csjja14n1 horse nom72kl js80j73 (c4w8hqa).mpg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\tsomq34 beast [free] fw58kpr41ob1w (g6u8n4r).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\4h1e2a346 lpcu5ai3 nude uncut .rar.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\gay sperm l9hwcs7vvnphd9 ol6p1tua .zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\7nd83wovj [milf] cock 40+ .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\s2fkave horse wep6b08 hot (!) cock 8bgkvshe1 .zip.exe
  • %ALLUSERSPROFILE%\templates\8r3baiec xxx nom72kl (hyo87il).avi.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\8r3baiec h93bklf wep6b08 [free] eigt45 .avi.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\mzwpstr8n 8ok6yf [bangbus] 40+ .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\0287zh wep6b08 epyxwn cock girly .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\f1i7cm bd1l5ir w6csjja14n1 uncut .mpeg.exe
  • %ALLUSERSPROFILE%\templates\ikdyfwhy 7nd83wovj cum nom72kl feet .mpg.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\f1i7cm tsomq34 uncut legs .rar.exe
  • C:\users\default\appdata\local\temp\f1i7cm xxx xxx ihthd33 .mpeg.exe
  • C:\users\default\appdata\local\<INETFILES>\lpcu5ai3 l9hwcs7vvnphd9 .mpeg.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\asian w6csjja14n1 [free] .rar.exe
  • C:\users\default\templates\black wep6b08 gay nom72kl (hyo87il).avi.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\viaz50 h93bklf wep6b08 uncut (c4w8hqa,hyo87il).mpg.exe
  • %TEMP%\s2fkave mnho9y54 sperm [milf] .zip.exe
  • %LOCALAPPDATA%\<INETFILES>\asian nude cum ihthd33 boots (gina).mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{070abd97-84e1-4f5f-9c02-f1d76dd9fce4}\tsomq34 yzw1afy [free] latex .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{1fae114c-c2b0-4da1-b23a-8e5ad0c3d722}\upfgetx porn apv53deiq9fw .mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{3571406e-c08c-4c74-b145-8857b365f6e7}\0287zh xxx ddqayq nom72kl (36mho73).rar.exe
  • %APPDATA%\microsoft\templates\8r3baiec ddqayq nude uncut boobs .avi.exe
  • %APPDATA%\microsoft\windows\templates\gay l9hwcs7vvnphd9 ash (sonja).zip.exe
  • %APPDATA%\mozilla\firefox\profiles\v08trqk6.default-release\storage\temporary\h93bklf horse nom72kl young (jenna,gina).mpeg.exe
  • %APPDATA%\thunderbird\profiles\chdgbv82.default-release\storage\temporary\gzn4ud7e lpcu5ai3 l9hwcs7vvnphd9 .rar.exe
  • %HOMEPATH%\templates\black tsomq34 horse hot (!) legs boots .mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\wpjwijv horse nom72kl girly .mpg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\horse bd1l5ir uncut ash b37oavmx289 .avi.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\gzn4ud7e 8ok6yf apv53deiq9fw kfp2yqq .avi.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\ikdyfwhy horse mnho9y54 ihthd33 wifey .mpeg.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\fac71w2 horse sperm epyxwn .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\xxx uncut latex .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\horse nom72kl nom72kl .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\z1qxwcd sperm mzwpstr8n [bangbus] kfp2yqq b37oavmx289 .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\7nd83wovj epyxwn .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\z9z7rwe mnho9y54 [free] legs .mpg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\porn nude uncut feet 50+ (sonja,sonja).mpeg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\gzn4ud7e horse tsomq34 [bangbus] .mpg.exe
  • %WINDIR%\assembly\temp\black 8ok6yf uncut legs mg9fvb2xk9 .avi.exe
  • %WINDIR%\assembly\tmp\black xxx mzwpstr8n epyxwn (jenna,sonja).mpg.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\upfgetx horse nude epyxwn .zip.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\z9z7rwe w6csjja14n1 wep6b08 7vepaqjm ash wifey .mpeg.exe
  • %WINDIR%\pla\templates\ sgu4m7oc ash sgoibhh .avi.exe
  • %WINDIR%\security\templates\fac71w2 7nd83wovj mzwpstr8n vjq39c1gwy js80j73 .mpeg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\z1qxwcd beast uncut boobs .mpg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\8ok6yf girls zmc8ujp .rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\nude nom72kl (c4w8hqa,dxocjwba).avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\upfgetx nom72kl [milf] boots (sonja).mpeg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\7b6fhxi mzwpstr8n l9hwcs7vvnphd9 mg9fvb2xk9 .avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\w6csjja14n1 big sm (gina).rar.exe
  • %WINDIR%\syswow64\config\systemprofile\jxaglwti wep6b08 bq4kno kfp2yqq shoes .mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\horse nom72kl .rar.exe
  • %WINDIR%\syswow64\fxstmp\cum horse [bangbus] .zip.exe
  • %WINDIR%\syswow64\ime\shared\wep6b08 horse apv53deiq9fw feet ae2sd7u4xh .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\z9z7rwe cum girls sm .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\7b6fhxi xakmpl lpcu5ai3 apv53deiq9fw b37oavmx289 .rar.exe
  • %WINDIR%\syswow64\fxstmp\black mnho9y54 epyxwn nrb42wq (2hbt8wr,haj1oyikd).mpeg.exe
  • %WINDIR%\syswow64\ime\shared\bd1l5ir [bangbus] 40+ (2hbt8wr,hyo87il).zip.exe
  • %WINDIR%\temp\z1qxwcd xxx nude [bangbus] legs qx2j1b5 .avi.exe
  • %WINDIR%\winsxs\installtemp\upfgetx bd1l5ir bq4kno hotel .zip.exe
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Recommandations pour le traitement

  1. Si le système d'exploitation peut être démarré (en mode normal ou en mode sans échec), téléchargez Dr.Web Security Space et lancez un scan complet de votre ordinateur et de tous les supports amovibles que vous utilisez. En savoir plus sur Dr.Web Security Space.
  2. Si le démarrage du système d'exploitation est impossible, veuillez modifier les paramètres du BIOS de votre ordinateur pour démarrer votre ordinateur via CD/DVD ou clé USB. Téléchargez l'image du disque de secours de restauration du système Dr.Web® LiveDisk ou l'utilitaire pour enregistrer Dr.Web® LiveDisk sur une clé USB, puis préparez la clé USB appropriée. Démarrez l'ordinateur à l'aide de cette clé et lancez le scan complet et le traitement des menaces détectées.
Version démo gratuite

 

Télécharger Dr.Web

Par le numéro de série

Veuillez lancer le scan complet du système à l'aide de Dr.Web Antivirus pour Mac OS.

Version démo gratuite

 

Télécharger Dr.Web sur le site

Par le numéro de série

Télécharger Dr.Web sur l'Apple Store

Veuillez lancer le scan complet de toutes les partitions du disque à l'aide de Dr.Web Antivirus pour Linux.

Version démo gratuite

 

Télécharger Dr.Web

Par le numéro de série

  1. Si votre appareil mobile fonctionne correctement, veuillez télécharger et installer sur votre appareil mobile Dr.Web pour Android. Lancez un scan complet et suivez les recommandations sur la neutralisation des menaces détectées.
  2. Si l'appareil mobile est bloqué par le Trojan de la famille Android.Locker (un message sur la violation grave de la loi ou la demande d'une rançon est affiché sur l'écran de l'appareil mobile), procédez comme suit:
    • démarrez votre Smartphone ou votre tablette en mode sans échec (si vous ne savez pas comment faire, consultez la documentation de l'appareil mobile ou contactez le fabricant) ;
    • puis téléchargez et installez sur votre appareil mobile Dr.Web pour Android et lancez un scan complet puis suivez les recommandations sur la neutralisation des menaces détectées ;
    • Débranchez votre appareil et rebranchez-le.

En savoir plus sur Dr.Web pour Android

Free trial

14 days

Download now
Get it on Google Play