Pour les utilisateurs

Fermer

Bibliothèque
Ma bibliothèque

+ Ajouter à la bibliothèque

Recherche
Recherche

Contacter-nous !
Support 24/24 | Rules regarding submitting

Envoyer un message

Requête à l'aide du formulaire

Nous téléphoner

0 825 300 230

Forum

Vos requêtes

  • Toutes : -
  • Non clôturées : -
  • Dernière : le -
Créer une nouvelle requête

Nous téléphoner

0 825 300 230

Profil

FR

RU CN DE EN ES FR IT JP KZ UZ PL BY
Fermer
Services support
Scanners
Dr.Web vxCube
Démo
Bibliothèque virale
Base documentaire

TECHNOLOGIES

TERMINOLOGIE

COURS ET EDU

MYTHES

Actualités

Trojan.MulDrop5.1066

Added to the Dr.Web virus database: 2013-10-17

Virus description added:

Technical Information

Malicious functions:
Executes the following:
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACNGU:P:\\Cebtenz Svyrf\\Fgneqbpx\\Bowrpg Qrfxgbc\\JvaqbjOyvaqf\\jopbasvt.rkr" /t REG_BINARY /d 04000000160000000051c2f01760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACNGU" /t REG_BINARY /d 04000000680000000051c2f01760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY:%pfvqy2%\\Fgneqbpx\\Bowrpg Qrfxgbc" /t REG_BINARY /d 04000000070000004083aaf01760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY:%pfvqy2%\\Fgneqbpx" /t REG_BINARY /d 040000000900000030cdacf01760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY" /t REG_BINARY /d 040000006300000030cdacf01760c801
  • '<SYSTEM32>\reg.exe' add "HKLM\SOFTWARE\Stardock\WindowBlinds\WB.ini\Machine" /f /v "LastP" /t REG_SZ /d "1524080192"
  • '<SYSTEM32>\reg.exe' add "HKLM\SOFTWARE\Stardock\WindowBlinds\WB.ini\Machine" /f /v "LastMS" /t REG_SZ /d "393216"
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage" /f /v "StartMenu_Balloon_Time" /t REG_BINARY /d f03634ef1760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs" /f /v "Order" /t REG_BINARY /d 080000000200000074070000010000000c0000008a000000000000007c0000004175674d02000000010000006a003200220600003738f9aa20004d4943524f537e312e4c4e4b0000400003000400efbe3738f9aa3a388c5d140000004d006900630072006f0073006f006600740020005500700064006100740065002e006c006e006b0000001c000e0000000a00efbe010000001c0000000000000000009c000000010000008e0000004175674d02000000010000007c003200a802000037384bac200057494e444f577e322e4c4e4b0000520003000400efbe37384bac3a388c5d14003c00570069006e0064006f0077007300200043006100740061006c006f0067002e006c006e006b000000407368656c6c33322e646c6c2c2d3232303735001c000e0000000a00efbe010000001c000000000000000000ec00000002000000de0000004175674d0200000002000000680031000000000037382cad11004143434553537e310000420003000400efbe3738fcac3a380e6414002c004100630063006500730073006f0072006900650073000000407368656c6c33322e646c6c2c2d32313736310018000e0000000a00efbe020000001800000062003100000000003738f7aa11004143434553537e3100002e0003000400efbe3738bcaa3a388d5d140000004100630063006500730073006f007200690065007300000018000e0000000000efbe0300000018000e0000000a00efbe0300000018000000000000000000700000000a000000620000004175674d020000000100000050003100000000003938309910004155544f49547e3100002a0003000400efbe39381c993a388d5d140000004100750074006f0049007400200076003300000018000e0000000a00efbe03000000180000000000000000007e00000009000000700000004175674d02000000010000005e003100000000003938807d1000494e5354414c7e312e350000360003000400efbe39387d7d3a388d5d1400000049006e007300740061006c006c005200690074006500200032002e00350000001a000e0000000a00efbe030000001a0000000000000000006e0000000b000000600000004175674d02000000010000004e003100000000003a383662100053746172646f636b0000280003000400efbe3a3803603a38366214000000530074006100720064006f0063006b00000018000e0000000a00efbe0300000018000000000000000000ec00000003000000de0000004175674d02000000020000005e00310000000000393801a1110053746172747570003a0003000400efbe3738fcac3a380e641400240053007400610072007400750070000000407368656c6c33322e646c6c2c2d32313738370016000e0000000a00efbe02000000160000006c00310000000000373853b2110053746172747570003a0003000400efbe373853b23a388d5d1400240053007400610072007400750070000000407368656c6c33322e646c6c2c2d32313738370016000e0000000000efbe0300000016000e0000000a00efbe03000000160000000000000000007000000004000000620000004175674d020000000100000050003100000000003938507d10005554494c49547e3100002a0003000400efbe3738f5aa3a388d5d140000005500740069006c0069007400690065007300000018000e0000000a00efbe0300000018000000000000000000c000000008000000b20000004175674d020000000200000048003100000000003838f382100057696e5241520000240003000400efbe3838f3823a380e6414000000570069006e00520041005200000016000e0000000a00efbe020000001600000056003100000000003838f382100057696e5241520000240003000400efbe3838f3823a388d5d14000000570069006e00520041005200000016000e0000000000efbe0300000016000e0000000a00efbe03000000160000000000000000008c000000050000007e0000004175674d02000000010000006c0032002303000037382cad2000494e5445524e7e312e4c4e4b0000420003000400efbe37382cad3a3882631400000049006e007400650072006e006500740020004500780070006c006f007200650072002e006c006e006b0000001c000e0000000a00efbe020000001c0000000000000000009e00000006000000900000004175674d02000000010000007e003200e202000037382cad20004f55544c4f4f7e312e4c4e4b0000540003000400efbe37381cad3a38826314003c004f00750074006c006f006f006b00200045007800700072006500730073002e006c006e006b0000004078707370317265732e646c6c2c2d313130303400001c000e0000000a00efbe020000001c000000000000000000b400000007000000a60000004175674d0200000001000000940032003f06000037384cac200052454d4f54457e312e4c4e4b00006a0003000400efbe3738fcac3a38826314004000520065006d006f0074006500200041007300730069007300740061006e00630065002e006c006e006b00000040433a5c57494e444f57535c73797374656d33325c726362647963746c2e646c6c2c2d31353200001c000e0000000a00efbe020000001c000000000000000000
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY:%pfvqy2%\\Fgneqbpx\\Bowrpg Qrfxgbc\\JvaqbjOyvaqf.yax" /t REG_BINARY /d 04000000070000004083aaf01760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "AllowPerPixelOnOldHardware" /t REG_SZ /d "1"
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "Lastsub" /t REG_SZ /d "0"
  • '<SYSTEM32>\cmd.exe' /c ""%TEMP%\selfdel0.bat" "
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "RandomSkin" /t REG_SZ /d "0"
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "SkinSet" /t REG_SZ /d "%ALLUSERSPROFILE%\Documents\Stardock\WindowBlinds\Diamond\Diamond.uis"
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached" /f /v "{2559A1F5-21D7-11D4-BDAF-00C04F60B9F0} {000214E6-0000-0000-C000-000000000046} 0x401" /t REG_BINARY /d 00000000370039002411b6c31760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached" /f /v "{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0} {000214E6-0000-0000-C000-000000000046} 0x401" /t REG_BINARY /d 0000000037003900988a6ec31760c801
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\Shell\Bags\1\Desktop" /f /v "ItemPos1024x768(1)" /t REG_BINARY /d 00000000000000000000000000000000160000000200000014001f48ba8f0d4525add01198a80800361b1103160000005e00000014001f50e04fd020ea3a6910a2d808002b30309d16000000ba00000014001f58602c8d20ea3a6910a2d708002b30309d160000001601000014001f6040f05f6481501b109f0800aa002f954e160000007201000014001f6880531c87a0426910a2ea08002b30309d2d0100007201000042003a00e202000039383199200053636954652e6c6e6b002a0003000400efbe393831993a38ef5b14000000530063006900540065002e006c006e006b000000180016000000ce01000052003100000000003838d889100042545342475f7e312e300000380003000400efbe3838d4893a380e6414000000420054005300620067005f004100640064006f006e005f00760031002e00300000001a00160000002a020000640031000000000038384f8a1000454e473249547e3100004c0003000400efbe38384f8a3a380e641400000045004e00470032004900540041005f00570049004e0046004c00490050005f0030003400320031005f004100440044004f004e0000001800160000008602000062003100000000003838e18910004c58505f53547e312e320000480003000400efbe3838b2833a380e64140000004c00580050005f0073007400610072007400750070006f00720062005f006100640064006f006e005f0031002e00320000001a00730000000200000040003100000000003838918a10004e525f56697354540000280003000400efbe3838918a3a380e64140000004e0052005f005600690073005400540000001800730000005e0000004c003100000000003838f78e100056495355414c7e310000340003000400efbe3838368b3a380e6414000000560069007300750061006c00200054006f006f006c007400690070000000180073000000ba0000003c003100000000003838318a100057696e466c697000260003000400efbe3838fc893a380e6414000000570069006e0046006c0069007000000016002d010000ce01000040003200ae0100003938e79d20006175746f2e6175330000280003000400efbe3938e79d3938e79d140000006100750074006f002e00610075003300000018002d0100008602000040003200f3e803003938fc9d20006175746f2e6578650000280003000400efbe3938fa9d3938fc9d140000006100750074006f002e0065007800650000001800d0000000860200005a003200c8ff68003938099920004155544f49547e312e45584500003e0003000400efbe3938099939382e99140000006100750074006f00690074002d00760033002d00730065007400750070002e0065007800650000001c0073000000160100005600320000c200003838e97e2000434142544f4f7e312e45584500003a0003000400efbe3838e97e3838ea7e1400000043004100420054004f004f004c005f00530045005400550050002e0045005800450000001c00730000007201000046003200bb1324043738b8782000445047413731302e377a00002c0003000400efbe38380e8f3838108f1400000044005000470041003700310030002e0037007a0000001a0073000000ce01000070003200469005003838488a2000454e473249547e312e4341420000540003000400efbe3838488a3838488a1400000045004e00470032004900540041005f00570049004e0046004c00490050005f0030003400320031005f004100440044004f004e002e0043004100420000001c00730000002a020000560032005f064e003938757d2000494e5354414c7e312e45584500003a0003000400efbe3938757d3938767d1400000049006e007300740061006c006c005200690074006500320035002e0065007800650000001c0073000000860200004800320034b404003838bb892000496e73744476722e626d70002e0003000400efbe3838ea833a387d5b1400000049006e00730074004400760072002e0062006d00700000001a00d0000000020000004c003200a10300003738f5aa20004c53504154437e312e4c4e4b0000300003000400efbe3738f5aa3a387b5b140000004c0053002000500061007400630068002e006c006e006b0000001c00d00000005e0000006c003200869500003838c28320004c58505f53547e312e4341420000500003000400efbe3838c2833838c283140000004c00580050005f0053005400410052005400550050004f00520042005f004100440044004f004e005f0031002e0032002e0043004100420000001c00d0000000ba0000004e003200003a030039384e8020004d4943524f577e312e4558450000320003000400efbe39384e803a38d35d140000004d006900630072006f00570061006c006c002e0065007800650000001c00d00000007201000072003200db34040038387d8a20004e525f5649537e312e5241520000560003000400efbe38387c8a3838838a140000004e0052005f00560069007300750061006c0054006f006f006c0054006900700045006e005f004100640064006f006e005f00760032002e0072006100720000001c00d00000002a02000086003200365324013838f58e20005249434b535f7e312e375a006c0003000400efbe3838f48e3838fd8e140000005200690063006b0073005f00570069006e0064006f007700730053006900640065006200610072005300500032005f0041006c006b0079005800500031002e0030005f004100640064004f006e002e0037007a0000001a002d0100005e000000560032009511440039380b9920005343495445347e312e45584500003a0003000400efbe39380a9939383699140000005300630069005400450034004100750074006f004900740033002e0065007800650000001c008a0100002a02000042003200c90000003a389d61200053657475702e636d64002a0003000400efbe3a3882613a38296214000000530065007400750070002e0063006d00640000001800e70100000200000042003200da0300003a38db5e202073657475702e726567002a0003000400efbe3a38d05e3a38db5e14000000730065007400750070002e00720065006700000018002d0100000200000042003200384c01003938747c2000545745414b2e524547002a0003000400efbe3938747c3938747c1400000054005700450041004b002e0052004500470000001800a10200001601000046003200e496a4013a38705f20005669737461322e65786500002c0003000400efbe37380dae3a38785f140000005600690073007400610032002e0065007800650000001a002d0100001601000052003200f61000003938308320005649535441547e312e5245470000360003000400efbe3938308339381187140000007600690073007400610020007400680065006d0065002e0072006500670000001c008a0100005e00000042003200be5bd6003a38275f200076697374612e657865002a0003000400efbe3a38c25e3a38275f14000000760069007300740061002e00650078006500000018002d0100002a02000042003200494b070138384f8e200056697374612e776261002a0003000400efbe38384e8e38384f8e14000000560069007300740061002e0077006200610000001800440200005e0000004e003200b0448a003938e3a020005649535441537e312e4558450000320003000400efbe3938e2a039385da1140000005600690073007400610053006b0069006e002e0065007800650000001c0044020000ce01000058003200e40806003938029b20005649535441547e312e45584500003c0003000400efbe3938ee7c3a38796114000000560069007300740061007400680065006d0065002e007300660078002e0065007800650000001c0044020000720100005e003200ca1a8c003a38ad61200057494e424c497e312e4558450000420003000400efbe393874873a38156214000000570069006e0042006c0069006e006400730036005f00530069006c0065006e0074002e0065007800650000001c00e70100008602000054003200db2682003a388d5c200057494e444f577e312e4558450000380003000400efbe3a388d5c3a38905d14000000570069006e0064006f00770042006c0069006e00640073002e0065007800650000001c00d00000001601000048003200d88f05003838688a200057494e464c49502e434142002e0003000400efbe3838068a3838688a14000000570049004e0046004c00490050002e0043004100420000001a00d0000000ce01000054003200955d14003838f082200057494e5241527e312e4558450000380003000400efbe3838f0823838f08214000000570069006e005200410052002d00760033002e00370031002e0065007800650000001c00d0000000ce01000000000000
  • '<SYSTEM32>\reg.exe' add "HKU\S-1-5-21-796845957-1085031214-839522115-1001\Software\Microsoft\Windows\CurrentVersion\ThemeManager" /f /v "ThemeActive" /t REG_SZ /d "0"
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY:%pfvqy2%\\Fgneqbpx" /t REG_BINARY /d 040000000900000030cdacf01760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACNGU:P:\\Cebtenz Svyrf\\Fgneqbpx\\Bowrpg Qrfxgbc\\JvaqbjOyvaqf\\jopbasvt.rkr" /t REG_BINARY /d 04000000160000000051c2f01760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY:%pfvqy2%\\Fgneqbpx\\Bowrpg Qrfxgbc\\JvaqbjOyvaqf.yax" /t REG_BINARY /d 04000000070000004083aaf01760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY:%pfvqy2%\\Fgneqbpx\\Bowrpg Qrfxgbc" /t REG_BINARY /d 04000000070000004083aaf01760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACNGU" /t REG_BINARY /d 04000000680000000051c2f01760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs" /f /v "Order" /t REG_BINARY /d 080000000200000074070000010000000c0000008a000000000000007c0000004175674d02000000010000006a003200220600003738f9aa20004d4943524f537e312e4c4e4b0000400003000400efbe3738f9aa3a388c5d140000004d006900630072006f0073006f006600740020005500700064006100740065002e006c006e006b0000001c000e0000000a00efbe010000001c0000000000000000009c000000010000008e0000004175674d02000000010000007c003200a802000037384bac200057494e444f577e322e4c4e4b0000520003000400efbe37384bac3a388c5d14003c00570069006e0064006f0077007300200043006100740061006c006f0067002e006c006e006b000000407368656c6c33322e646c6c2c2d3232303735001c000e0000000a00efbe010000001c000000000000000000ec00000002000000de0000004175674d0200000002000000680031000000000037382cad11004143434553537e310000420003000400efbe3738fcac3a380e6414002c004100630063006500730073006f0072006900650073000000407368656c6c33322e646c6c2c2d32313736310018000e0000000a00efbe020000001800000062003100000000003738f7aa11004143434553537e3100002e0003000400efbe3738bcaa3a388d5d140000004100630063006500730073006f007200690065007300000018000e0000000000efbe0300000018000e0000000a00efbe0300000018000000000000000000700000000a000000620000004175674d020000000100000050003100000000003938309910004155544f49547e3100002a0003000400efbe39381c993a388d5d140000004100750074006f0049007400200076003300000018000e0000000a00efbe03000000180000000000000000007e00000009000000700000004175674d02000000010000005e003100000000003938807d1000494e5354414c7e312e350000360003000400efbe39387d7d3a388d5d1400000049006e007300740061006c006c005200690074006500200032002e00350000001a000e0000000a00efbe030000001a0000000000000000006e0000000b000000600000004175674d02000000010000004e003100000000003a383662100053746172646f636b0000280003000400efbe3a3803603a38366214000000530074006100720064006f0063006b00000018000e0000000a00efbe0300000018000000000000000000ec00000003000000de0000004175674d02000000020000005e00310000000000393801a1110053746172747570003a0003000400efbe3738fcac3a380e641400240053007400610072007400750070000000407368656c6c33322e646c6c2c2d32313738370016000e0000000a00efbe02000000160000006c00310000000000373853b2110053746172747570003a0003000400efbe373853b23a388d5d1400240053007400610072007400750070000000407368656c6c33322e646c6c2c2d32313738370016000e0000000000efbe0300000016000e0000000a00efbe03000000160000000000000000007000000004000000620000004175674d020000000100000050003100000000003938507d10005554494c49547e3100002a0003000400efbe3738f5aa3a388d5d140000005500740069006c0069007400690065007300000018000e0000000a00efbe0300000018000000000000000000c000000008000000b20000004175674d020000000200000048003100000000003838f382100057696e5241520000240003000400efbe3838f3823a380e6414000000570069006e00520041005200000016000e0000000a00efbe020000001600000056003100000000003838f382100057696e5241520000240003000400efbe3838f3823a388d5d14000000570069006e00520041005200000016000e0000000000efbe0300000016000e0000000a00efbe03000000160000000000000000008c000000050000007e0000004175674d02000000010000006c0032002303000037382cad2000494e5445524e7e312e4c4e4b0000420003000400efbe37382cad3a3882631400000049006e007400650072006e006500740020004500780070006c006f007200650072002e006c006e006b0000001c000e0000000a00efbe020000001c0000000000000000009e00000006000000900000004175674d02000000010000007e003200e202000037382cad20004f55544c4f4f7e312e4c4e4b0000540003000400efbe37381cad3a38826314003c004f00750074006c006f006f006b00200045007800700072006500730073002e006c006e006b0000004078707370317265732e646c6c2c2d313130303400001c000e0000000a00efbe020000001c000000000000000000b400000007000000a60000004175674d0200000001000000940032003f06000037384cac200052454d4f54457e312e4c4e4b00006a0003000400efbe3738fcac3a38826314004000520065006d006f0074006500200041007300730069007300740061006e00630065002e006c006e006b00000040433a5c57494e444f57535c73797374656d33325c726362647963746c2e646c6c2c2d31353200001c000e0000000a00efbe020000001c000000000000000000
  • '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\batfile.bat" "
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count" /f /v "HRZR_EHACVQY" /t REG_BINARY /d 040000006300000030cdacf01760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage" /f /v "StartMenu_Balloon_Time" /t REG_BINARY /d f03634ef1760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached" /f /v "{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0} {000214E6-0000-0000-C000-000000000046} 0x401" /t REG_BINARY /d 0000000037003900988a6ec31760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "RandomSkin" /t REG_SZ /d "0"
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "AllowPerPixelOnOldHardware" /t REG_SZ /d "1"
  • '<SYSTEM32>\reg.exe' add "HKLM\SOFTWARE\Stardock\WindowBlinds\WB.ini\Machine" /f /v "LastLS" /t REG_SZ /d "190057245"
  • '<SYSTEM32>\reg.exe' add "HKLM\SOFTWARE\Microsoft\Cryptography\RNG" /f /v "Seed" /t REG_BINARY /d 6f0a835eeea2ea04c992419e5f0fb3893e8ed8e9b5fad82b14dab881a182ccd89d96b773f6ae43e7c8696e2fd19e3030920ce7fc10c165a3ec72c0e0ae3171c30912f30b792330c3441d066a8bac64bf
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "Lastsub" /t REG_SZ /d "0"
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\ThemeManager" /f /v "ThemeActive" /t REG_SZ /d "0"
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached" /f /v "{2559A1F5-21D7-11D4-BDAF-00C04F60B9F0} {000214E6-0000-0000-C000-000000000046} 0x401" /t REG_BINARY /d 00000000370039002411b6c31760c801
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Stardock\WindowBlinds\WB5.ini\WBLiteFX" /f /v "SkinSet" /t REG_SZ /d "%ALLUSERSPROFILE%\Documents\Stardock\WindowBlinds\Diamond\Diamond.uis"
  • '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Windows\Shell\Bags\1\Desktop" /f /v "ItemPos1024x768(1)" /t REG_BINARY /d 00000000000000000000000000000000160000000200000014001f48ba8f0d4525add01198a80800361b1103160000005e00000014001f50e04fd020ea3a6910a2d808002b30309d16000000ba00000014001f58602c8d20ea3a6910a2d708002b30309d160000001601000014001f6040f05f6481501b109f0800aa002f954e160000007201000014001f6880531c87a0426910a2ea08002b30309d2d0100007201000042003a00e202000039383199200053636954652e6c6e6b002a0003000400efbe393831993a38ef5b14000000530063006900540065002e006c006e006b000000180016000000ce01000052003100000000003838d889100042545342475f7e312e300000380003000400efbe3838d4893a380e6414000000420054005300620067005f004100640064006f006e005f00760031002e00300000001a00160000002a020000640031000000000038384f8a1000454e473249547e3100004c0003000400efbe38384f8a3a380e641400000045004e00470032004900540041005f00570049004e0046004c00490050005f0030003400320031005f004100440044004f004e0000001800160000008602000062003100000000003838e18910004c58505f53547e312e320000480003000400efbe3838b2833a380e64140000004c00580050005f0073007400610072007400750070006f00720062005f006100640064006f006e005f0031002e00320000001a00730000000200000040003100000000003838918a10004e525f56697354540000280003000400efbe3838918a3a380e64140000004e0052005f005600690073005400540000001800730000005e0000004c003100000000003838f78e100056495355414c7e310000340003000400efbe3838368b3a380e6414000000560069007300750061006c00200054006f006f006c007400690070000000180073000000ba0000003c003100000000003838318a100057696e466c697000260003000400efbe3838fc893a380e6414000000570069006e0046006c0069007000000016002d010000ce01000040003200ae0100003938e79d20006175746f2e6175330000280003000400efbe3938e79d3938e79d140000006100750074006f002e00610075003300000018002d0100008602000040003200f3e803003938fc9d20006175746f2e6578650000280003000400efbe3938fa9d3938fc9d140000006100750074006f002e0065007800650000001800d0000000860200005a003200c8ff68003938099920004155544f49547e312e45584500003e0003000400efbe3938099939382e99140000006100750074006f00690074002d00760033002d00730065007400750070002e0065007800650000001c0073000000160100005600320000c200003838e97e2000434142544f4f7e312e45584500003a0003000400efbe3838e97e3838ea7e1400000043004100420054004f004f004c005f00530045005400550050002e0045005800450000001c00730000007201000046003200bb1324043738b8782000445047413731302e377a00002c0003000400efbe38380e8f3838108f1400000044005000470041003700310030002e0037007a0000001a0073000000ce01000070003200469005003838488a2000454e473249547e312e4341420000540003000400efbe3838488a3838488a1400000045004e00470032004900540041005f00570049004e0046004c00490050005f0030003400320031005f004100440044004f004e002e0043004100420000001c00730000002a020000560032005f064e003938757d2000494e5354414c7e312e45584500003a0003000400efbe3938757d3938767d1400000049006e007300740061006c006c005200690074006500320035002e0065007800650000001c0073000000860200004800320034b404003838bb892000496e73744476722e626d70002e0003000400efbe3838ea833a387d5b1400000049006e00730074004400760072002e0062006d00700000001a00d0000000020000004c003200a10300003738f5aa20004c53504154437e312e4c4e4b0000300003000400efbe3738f5aa3a387b5b140000004c0053002000500061007400630068002e006c006e006b0000001c00d00000005e0000006c003200869500003838c28320004c58505f53547e312e4341420000500003000400efbe3838c2833838c283140000004c00580050005f0053005400410052005400550050004f00520042005f004100440044004f004e005f0031002e0032002e0043004100420000001c00d0000000ba0000004e003200003a030039384e8020004d4943524f577e312e4558450000320003000400efbe39384e803a38d35d140000004d006900630072006f00570061006c006c002e0065007800650000001c00d00000007201000072003200db34040038387d8a20004e525f5649537e312e5241520000560003000400efbe38387c8a3838838a140000004e0052005f00560069007300750061006c0054006f006f006c0054006900700045006e005f004100640064006f006e005f00760032002e0072006100720000001c00d00000002a02000086003200365324013838f58e20005249434b535f7e312e375a006c0003000400efbe3838f48e3838fd8e140000005200690063006b0073005f00570069006e0064006f007700730053006900640065006200610072005300500032005f0041006c006b0079005800500031002e0030005f004100640064004f006e002e0037007a0000001a002d0100005e000000560032009511440039380b9920005343495445347e312e45584500003a0003000400efbe39380a9939383699140000005300630069005400450034004100750074006f004900740033002e0065007800650000001c008a0100002a02000042003200c90000003a389d61200053657475702e636d64002a0003000400efbe3a3882613a38296214000000530065007400750070002e0063006d00640000001800e70100000200000042003200da0300003a38db5e202073657475702e726567002a0003000400efbe3a38d05e3a38db5e14000000730065007400750070002e00720065006700000018002d0100000200000042003200384c01003938747c2000545745414b2e524547002a0003000400efbe3938747c3938747c1400000054005700450041004b002e0052004500470000001800a10200001601000046003200e496a4013a38705f20005669737461322e65786500002c0003000400efbe37380dae3a38785f140000005600690073007400610032002e0065007800650000001a002d0100001601000052003200f61000003938308320005649535441547e312e5245470000360003000400efbe3938308339381187140000007600690073007400610020007400680065006d0065002e0072006500670000001c008a0100005e00000042003200be5bd6003a38275f200076697374612e657865002a0003000400efbe3a38c25e3a38275f14000000760069007300740061002e00650078006500000018002d0100002a02000042003200494b070138384f8e200056697374612e776261002a0003000400efbe38384e8e38384f8e14000000560069007300740061002e0077006200610000001800440200005e0000004e003200b0448a003938e3a020005649535441537e312e4558450000320003000400efbe3938e2a039385da1140000005600690073007400610053006b0069006e002e0065007800650000001c0044020000ce01000058003200e40806003938029b20005649535441547e312e45584500003c0003000400efbe3938ee7c3a38796114000000560069007300740061007400680065006d0065002e007300660078002e0065007800650000001c0044020000720100005e003200ca1a8c003a38ad61200057494e424c497e312e4558450000420003000400efbe393874873a38156214000000570069006e0042006c0069006e006400730036005f00530069006c0065006e0074002e0065007800650000001c00e70100008602000054003200db2682003a388d5c200057494e444f577e312e4558450000380003000400efbe3a388d5c3a38905d14000000570069006e0064006f00770042006c0069006e00640073002e0065007800650000001c00d00000001601000048003200d88f05003838688a200057494e464c49502e434142002e0003000400efbe3838068a3838688a14000000570049004e0046004c00490050002e0043004100420000001a00d0000000ce01000054003200955d14003838f082200057494e5241527e312e4558450000380003000400efbe3838f0823838f08214000000570069006e005200410052002d00760033002e00370031002e0065007800650000001c00d0000000ce01000000000000
Modifies file system :
Creates the following files:
  • %TEMP%\selfdel0.bat
  • %TEMP%\1.tmp\batfile.bat
Deletes the following files:
  • %TEMP%\1.tmp\batfile.bat
Deletes itself.

Recommandations pour le traitement

  1. Si le système d'exploitation peut être démarré (en mode normal ou en mode sans échec), téléchargez Dr.Web Security Space et lancez un scan complet de votre ordinateur et de tous les supports amovibles que vous utilisez. En savoir plus sur Dr.Web Security Space.
  2. Si le démarrage du système d'exploitation est impossible, veuillez modifier les paramètres du BIOS de votre ordinateur pour démarrer votre ordinateur via CD/DVD ou clé USB. Téléchargez l'image du disque de secours de restauration du système Dr.Web® LiveDisk ou l'utilitaire pour enregistrer Dr.Web® LiveDisk sur une clé USB, puis préparez la clé USB appropriée. Démarrez l'ordinateur à l'aide de cette clé et lancez le scan complet et le traitement des menaces détectées.
Version démo gratuite

 

Télécharger Dr.Web

Par le numéro de série

Veuillez lancer le scan complet du système à l'aide de Dr.Web Antivirus pour Mac OS.

Version démo gratuite

 

Télécharger Dr.Web sur le site

Par le numéro de série

Télécharger Dr.Web sur l'Apple Store

Veuillez lancer le scan complet de toutes les partitions du disque à l'aide de Dr.Web Antivirus pour Linux.

Version démo gratuite

 

Télécharger Dr.Web

Par le numéro de série

  1. Si votre appareil mobile fonctionne correctement, veuillez télécharger et installer sur votre appareil mobile Dr.Web pour Android. Lancez un scan complet et suivez les recommandations sur la neutralisation des menaces détectées.
  2. Si l'appareil mobile est bloqué par le Trojan de la famille Android.Locker (un message sur la violation grave de la loi ou la demande d'une rançon est affiché sur l'écran de l'appareil mobile), procédez comme suit:
    • démarrez votre Smartphone ou votre tablette en mode sans échec (si vous ne savez pas comment faire, consultez la documentation de l'appareil mobile ou contactez le fabricant) ;
    • puis téléchargez et installez sur votre appareil mobile Dr.Web pour Android et lancez un scan complet puis suivez les recommandations sur la neutralisation des menaces détectées ;
    • Débranchez votre appareil et rebranchez-le.

En savoir plus sur Dr.Web pour Android

Free trial

14 days

Download now
Get it on Google Play