Trojan.KillProc2.27950

Added to the Dr.Web virus database: 2025-07-16

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Treatment recommendations

  1. If the operating system can be started (in normal mode or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of all removable media you use.
  2. If the operating system cannot be started, change your computer's BIOS settings to boot from a CD/DVD or a USB drive. Download the image of the Dr.Web® LiveDisk system recovery disk or the utility for writing Dr.Web® LiveDisk to a USB drive, then prepare the appropriate USB drive. Boot the computer from this drive, then run a full scan and cure the detected threats.

Run a full system scan with Dr.Web Antivirus for Mac OS.

Run a full scan of all disk partitions with Dr.Web Antivirus for Linux.

  1. If your mobile device is working correctly, download and install Dr.Web for Android on it. Run a full scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device is locked by a Trojan of the Android.Locker family (a message about a serious violation of the law or a ransom demand is displayed on the device's screen), proceed as follows:
    • start your smartphone or tablet in safe mode (if you do not know how, consult the device's documentation or contact the manufacturer);
    • then download and install Dr.Web for Android on the device, run a full scan, and follow the recommendations for neutralizing the detected threats;
    • disconnect your device and reconnect it.