Trojan.MulDrop36.6051

Added to the Dr.Web virus database: 2026-03-02

Virus description added:

Technical Information

Malicious functions
Executes the following
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq OPTIMIZING*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq TWEAKING*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq BOOSTING*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq NETWORK*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq MEMORY*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq LATENCY*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq FPS*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq DPC*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq INTERRUPT*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq REGISTRY*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq SERVICE*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq POWER*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq TIMER*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq USB*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq STORAGE*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq AUDIO*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq VISUAL*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq DEFENDER*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq TELEMETRY*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq BLOAT*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq NVIDIA*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq AMD*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq DEVICE*"
  • '<SYSTEM32>\taskkill.exe' /F /FI "WINDOWTITLE eq TCP*"
Launches a large number of processes
Modifies file system
Creates the following files
  • nul
  • <Current directory>\8000hz
  • <Current directory>\9000
Miscellaneous
Searches for the following windows
  • ClassName: '' WindowName: ''
Executes the following
  • '<SYSTEM32>\cmd.exe' /c start "VISUAL_TWEAKER_0" cmd /c "mode con: cols=60 lines=15 && echo [REG] HKLM\System\CurrentControlSet\Control... && echo [REG] Patching 0x4F2A entries in kernel space... && echo [REG] Disa...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [REG] HKLM\System\CurrentControlSet\Control... && echo [REG] Patching 0x4F2A entries in kernel space... && echo [REG] Disabling UMPO (0xCsEnabled=0)... &&...
  • '<SYSTEM32>\cmd.exe' /c start "REGISTRY_TWEAKER_1" cmd /c "mode con: cols=60 lines=15 && echo [0x7F3A] Injecting kernel hooks... && echo [0x9B2C] Patching NTOSKRNL.EXE offset 0x4A2F1B... && echo [0xE1D4] Modifying ...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [0x7F3A] Injecting kernel hooks... && echo [0x9B2C] Patching NTOSKRNL.EXE offset 0x4A2F1B... && echo [0xE1D4] Modifying HAL interrupt table... && echo [0x...
  • '<SYSTEM32>\cmd.exe' /c start "BLOAT_REMOVER_2" cmd /c "mode con: cols=60 lines=15 && echo [MEM] Disabling page combining (0x2A4F)... && echo [MEM] Setting DRAM timings: 14-14-14-28-1T... && echo [MEM] Enabling XMP...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [MEM] Disabling page combining (0x2A4F)... && echo [MEM] Setting DRAM timings: 14-14-14-28-1T... && echo [MEM] Enabling XMP profile 2 (3600MHz)... && echo...
  • '<SYSTEM32>\mode.com' con: cols=60 lines=15
  • '<SYSTEM32>\cmd.exe' /c start "NETWORK_TURBO_3" cmd /c "mode con: cols=60 lines=15 && echo [NV] Patching nvlddmkm.sys driver... && echo [NV] Disabling NVIDIA telemetry container... && echo [NV] Setting power manage...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [NV] Patching nvlddmkm.sys driver... && echo [NV] Disabling NVIDIA telemetry container... && echo [NV] Setting power management: Prefer maximum... && echo...
  • '<SYSTEM32>\cmd.exe' /c start "TIMER_PRECISION_4" cmd /c "mode con: cols=60 lines=15 && echo [MEM] Disabling page combining (0x2A4F)... && echo [MEM] Setting DRAM timings: 14-14-14-28-1T... && echo [MEM] Enabling X...
  • '<SYSTEM32>\timeout.exe' /t 2 /nobreak
  • '<SYSTEM32>\cmd.exe' /c start "LATENCY_KILLER_5" cmd /c "mode con: cols=60 lines=15 && echo [DPC] Hooking KeInsertQueueDpc... && echo [DPC] ISR latency target: <1us... && echo [DPC] Patching timer resolution to 0.5...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [DPC] Hooking KeInsertQueueDpc... && echo [DPC] ISR latency target: <1us... && echo [DPC] Patching timer resolution to 0.5ms... && echo [DPC] Disabling wa...
  • '<SYSTEM32>\cmd.exe' /c start "FPS_BOOSTER_6" cmd /c "mode con: cols=60 lines=15 && echo [REG] HKLM\System\CurrentControlSet\Control... && echo [REG] Patching 0x4F2A entries in kernel space... && echo [REG] Disabli...
  • '<SYSTEM32>\cmd.exe' /c start "POWER_MAXIMIZER_7" cmd /c "mode con: cols=60 lines=15 && echo [USB] Disabling power management on all hubs... && echo [USB] Setting xHCI interrupt moderation: 0... && echo [USB] Polli...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [USB] Disabling power management on all hubs... && echo [USB] Setting xHCI interrupt moderation: 0... && echo [USB] Polling rate override: 1000Hz -> 8000H...
  • '<SYSTEM32>\cmd.exe' /c start "NVIDIA_TWEAK_8" cmd /c "mode con: cols=60 lines=15 && echo [CPU] Disabling C-States: C1E, C3, C6, C7, C8... && echo [CPU] Setting turbo ratio limits to 0xFF... && echo [CPU] Unlocking...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [CPU] Disabling C-States: C1E, C3, C6, C7, C8... && echo [CPU] Setting turbo ratio limits to 0xFF... && echo [CPU] Unlocking MSR 0x1FC (power limits)... &...
  • '<SYSTEM32>\cmd.exe' /c start "BOOSTING_CPU_9" cmd /c "mode con: cols=60 lines=15 && echo [TEL] Blocking telemetry endpoints (47 hosts)... && echo [TEL] Disabling DiagTrack service... && echo [TEL] Removing CompatT...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [TEL] Blocking telemetry endpoints (47 hosts)... && echo [TEL] Disabling DiagTrack service... && echo [TEL] Removing CompatTelRunner.exe... && echo [TEL] ...
  • '<SYSTEM32>\cmd.exe' /c start "VISUAL_TWEAKER_10" cmd /c "mode con: cols=60 lines=15 && echo [MEM] Disabling page combining (0x2A4F)... && echo [MEM] Setting DRAM timings: 14-14-14-28-1T... && echo [MEM] Enabling X...
  • '<SYSTEM32>\cmd.exe' /c start "BOOSTING_CPU_11" cmd /c "mode con: cols=60 lines=15 && echo [AUD] Setting audio buffer: 32 samples (0.67ms)... && echo [AUD] Disabling audio enhancements... && echo [AUD] Exclusive mo...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [AUD] Setting audio buffer: 32 samples (0.67ms)... && echo [AUD] Disabling audio enhancements... && echo [AUD] Exclusive mode: enabled... && echo [AUD] Sa...
  • '<SYSTEM32>\cmd.exe' /c start "DEFENDER_DISABLE_12" cmd /c "mode con: cols=60 lines=15 && echo [CPU] Disabling C-States: C1E, C3, C6, C7, C8... && echo [CPU] Setting turbo ratio limits to 0xFF... && echo [CPU] Unlo...
  • '<SYSTEM32>\cmd.exe' /c start "AMD_OPTIMIZER_13" cmd /c "mode con: cols=60 lines=15 && echo [TEL] Blocking telemetry endpoints (47 hosts)... && echo [TEL] Disabling DiagTrack service... && echo [TEL] Removing Compa...
  • '<SYSTEM32>\cmd.exe' /c start "TELEMETRY_KILL_14" cmd /c "mode con: cols=60 lines=15 && echo [DEF] Terminating MsMpEng.exe (PID: 1847)... && echo [DEF] Disabling real-time protection... && echo [DEF] Removing WinDe...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [DEF] Terminating MsMpEng.exe (PID: 1847)... && echo [DEF] Disabling real-time protection... && echo [DEF] Removing WinDefend service... && echo [DEF] Pat...
  • '<SYSTEM32>\cmd.exe' /c start "DEVICE_TUNER_15" cmd /c "mode con: cols=60 lines=15 && echo [IRQ] Mapping IRQ affinity to core 0-7... && echo [IRQ] Setting interrupt priority: 0x1F (highest)... && echo [IRQ] Disabli...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [IRQ] Mapping IRQ affinity to core 0-7... && echo [IRQ] Setting interrupt priority: 0x1F (highest)... && echo [IRQ] Disabling IRQ coalescing... && echo [I...
  • '<SYSTEM32>\cmd.exe' /c start "AMD_OPTIMIZER_16" cmd /c "mode con: cols=60 lines=15 && echo [NV] Patching nvlddmkm.sys driver... && echo [NV] Disabling NVIDIA telemetry container... && echo [NV] Setting power manag...
  • '<SYSTEM32>\cmd.exe' /c start "BLOAT_REMOVER_17" cmd /c "mode con: cols=60 lines=15 && echo [SSD] Enabling TRIM on all partitions... && echo [SSD] Disabling 8.3 filename creation... && echo [SSD] Setting NVMe queue...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [SSD] Enabling TRIM on all partitions... && echo [SSD] Disabling 8.3 filename creation... && echo [SSD] Setting NVMe queue depth: 256... && echo [SSD] Dis...
  • '<SYSTEM32>\cmd.exe' /c start "DEFENDER_DISABLE_18" cmd /c "mode con: cols=60 lines=15 && echo [AMD] Patching amdkmdag.sys driver... && echo [AMD] Disabling ULPS (Ultra Low Power State)... && echo [AMD] Setting TDP...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [AMD] Patching amdkmdag.sys driver... && echo [AMD] Disabling ULPS (Ultra Low Power State)... && echo [AMD] Setting TDP limit: 300W... && echo [AMD] Disab...
  • '<SYSTEM32>\cmd.exe' /c start "SERVICE_OPTIMIZER_19" cmd /c "mode con: cols=60 lines=15 && echo [VFX] Disabling DWM composition... && echo [VFX] Setting visual effects: performance mode... && echo [VFX] Disabling t...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [VFX] Disabling DWM composition... && echo [VFX] Setting visual effects: performance mode... && echo [VFX] Disabling transparency effects... && echo [VFX]...
  • '<SYSTEM32>\cmd.exe' /c start "NETWORK_TURBO_20" cmd /c "mode con: cols=60 lines=15 && echo [USB] Disabling power management on all hubs... && echo [USB] Setting xHCI interrupt moderation: 0... && echo [USB] Pollin...
  • '<SYSTEM32>\cmd.exe' /c start "DEVICE_TUNER_21" cmd /c "mode con: cols=60 lines=15 && echo [AUD] Setting audio buffer: 32 samples (0.67ms)... && echo [AUD] Disabling audio enhancements... && echo [AUD] Exclusive mo...
  • '<SYSTEM32>\cmd.exe' /c start "NETWORK_STACK_22" cmd /c "mode con: cols=60 lines=15 && echo [MEM] Disabling page combining (0x2A4F)... && echo [MEM] Setting DRAM timings: 14-14-14-28-1T... && echo [MEM] Enabling XM...
  • '<SYSTEM32>\cmd.exe' /c start "VISUAL_TWEAKER_23" cmd /c "mode con: cols=60 lines=15 && echo [USB] Disabling power management on all hubs... && echo [USB] Setting xHCI interrupt moderation: 0... && echo [USB] Polli...
  • '<SYSTEM32>\cmd.exe' /c start "NETWORK_TURBO_24" cmd /c "mode con: cols=60 lines=15 && echo [SVC] Terminating DiagTrack.dll injection... && echo [SVC] Disabling 43 unnecessary services... && echo [SVC] Killing tele...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [SVC] Terminating DiagTrack.dll injection... && echo [SVC] Disabling 43 unnecessary services... && echo [SVC] Killing telemetry processes (PID: 2847, 3921...
  • '<SYSTEM32>\cmd.exe' /c start "DEVICE_TUNER_25" cmd /c "mode con: cols=60 lines=15 && echo [MEM] Disabling page combining (0x2A4F)... && echo [MEM] Setting DRAM timings: 14-14-14-28-1T... && echo [MEM] Enabling XMP...
  • '<SYSTEM32>\cmd.exe' /c start "TIMER_PRECISION_26" cmd /c "mode con: cols=60 lines=15 && echo [BLT] Removing preinstalled apps (38 found)... && echo [BLT] Uninstalling Cortana integration... && echo [BLT] Disabling...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [BLT] Removing preinstalled apps (38 found)... && echo [BLT] Uninstalling Cortana integration... && echo [BLT] Disabling Windows Store auto-updates... && ...
  • '<SYSTEM32>\cmd.exe' /c start "TIMER_PRECISION_27" cmd /c "mode con: cols=60 lines=15 && echo [AMD] Patching amdkmdag.sys driver... && echo [AMD] Disabling ULPS (Ultra Low Power State)... && echo [AMD] Setting TDP ...
  • '<SYSTEM32>\cmd.exe' /c start "NETWORK_STACK_28" cmd /c "mode con: cols=60 lines=15 && echo [GPU] Setting P-State override to 0x0F... && echo [GPU] Disabling power gating on CU 0-63... && echo [GPU] Forcing max clo...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [GPU] Setting P-State override to 0x0F... && echo [GPU] Disabling power gating on CU 0-63... && echo [GPU] Forcing max clock: 2850MHz core / 9500MHz mem.....
  • '<SYSTEM32>\cmd.exe' /c start "MEMORY_OPTIMIZER_29" cmd /c "mode con: cols=60 lines=15 && echo [NV] Patching nvlddmkm.sys driver... && echo [NV] Disabling NVIDIA telemetry container... && echo [NV] Setting power ma...
  • '<SYSTEM32>\cmd.exe' /c start "VISUAL_TWEAKER_30" cmd /c "mode con: cols=60 lines=15 && echo [DEF] Terminating MsMpEng.exe (PID: 1847)... && echo [DEF] Disabling real-time protection... && echo [DEF] Removing WinDe...
  • '<SYSTEM32>\cmd.exe' /c start "AUDIO_OPTIMIZER_31" cmd /c "mode con: cols=60 lines=15 && echo [CPU] Disabling C-States: C1E, C3, C6, C7, C8... && echo [CPU] Setting turbo ratio limits to 0xFF... && echo [CPU] Unloc...
  • '<SYSTEM32>\cmd.exe' /c start "USB_ACCELERATOR_32" cmd /c "mode con: cols=60 lines=15 && echo [IRQ] Mapping IRQ affinity to core 0-7... && echo [IRQ] Setting interrupt priority: 0x1F (highest)... && echo [IRQ] Disa...
  • '<SYSTEM32>\cmd.exe' /c start "AUDIO_OPTIMIZER_33" cmd /c "mode con: cols=60 lines=15 && echo [CPU] Disabling C-States: C1E, C3, C6, C7, C8... && echo [CPU] Setting turbo ratio limits to 0xFF... && echo [CPU] Unloc...
  • '<SYSTEM32>\cmd.exe' /c start "STORAGE_BOOST_34" cmd /c "mode con: cols=60 lines=15 && echo [SVC] Terminating DiagTrack.dll injection... && echo [SVC] Disabling 43 unnecessary services... && echo [SVC] Killing tele...
  • '<SYSTEM32>\cmd.exe' /c start "AMD_OPTIMIZER_35" cmd /c "mode con: cols=60 lines=15 && echo [DPC] Hooking KeInsertQueueDpc... && echo [DPC] ISR latency target: <1us... && echo [DPC] Patching timer resolution to 0.5...
  • '<SYSTEM32>\cmd.exe' /c start "AUDIO_OPTIMIZER_36" cmd /c "mode con: cols=60 lines=15 && echo [PWR] Unlocking power plan limits... && echo [PWR] Disabling ASPM L0s/L1 states... && echo [PWR] Setting processor state...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [PWR] Unlocking power plan limits... && echo [PWR] Disabling ASPM L0s/L1 states... && echo [PWR] Setting processor state: 100% min/max... && echo [PWR] Tu...
  • '<SYSTEM32>\cmd.exe' /c start "NVIDIA_TWEAK_37" cmd /c "mode con: cols=60 lines=15 && echo [TMR] Setting HPET to 14.31818MHz... && echo [TMR] Disabling dynamic tick (tickless kernel)... && echo [TMR] TSC sync polic...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [TMR] Setting HPET to 14.31818MHz... && echo [TMR] Disabling dynamic tick (tickless kernel)... && echo [TMR] TSC sync policy: Enhanced... && echo [TMR] Qu...
  • '<SYSTEM32>\cmd.exe' /c start "FPS_BOOSTER_38" cmd /c "mode con: cols=60 lines=15 && echo [GPU] Setting P-State override to 0x0F... && echo [GPU] Disabling power gating on CU 0-63... && echo [GPU] Forcing max clock...
  • '<SYSTEM32>\cmd.exe' /c start "TELEMETRY_KILL_39" cmd /c "mode con: cols=60 lines=15 && echo [SVC] Terminating DiagTrack.dll injection... && echo [SVC] Disabling 43 unnecessary services... && echo [SVC] Killing tel...
  • '<SYSTEM32>\cmd.exe' /c start "MEMORY_OPTIMIZER_40" cmd /c "mode con: cols=60 lines=15 && echo [NET] Setting TCP window scaling factor: 8... && echo [NET] Disabling Nagle algorithm (RFC 896)... && echo [NET] MTU op...
  • '<SYSTEM32>\cmd.exe' /c "mode con: cols=60 lines=15 && echo [NET] Setting TCP window scaling factor: 8... && echo [NET] Disabling Nagle algorithm (RFC 896)... && echo [NET] MTU optimization: 1500 -> 9000 (jumbo)......
  • '<SYSTEM32>\cmd.exe' /c start "REGISTRY_TWEAKER_41" cmd /c "mode con: cols=60 lines=15 && echo [VFX] Disabling DWM composition... && echo [VFX] Setting visual effects: performance mode... && echo [VFX] Disabling tr...
  • '<SYSTEM32>\cmd.exe' /c start "FPS_BOOSTER_42" cmd /c "mode con: cols=60 lines=15 && echo [0x7F3A] Injecting kernel hooks... && echo [0x9B2C] Patching NTOSKRNL.EXE offset 0x4A2F1B... && echo [0xE1D4] Modifying HAL ...
  • '<SYSTEM32>\cmd.exe' /c start "VISUAL_TWEAKER_43" cmd /c "mode con: cols=60 lines=15 && echo [TEL] Blocking telemetry endpoints (47 hosts)... && echo [TEL] Disabling DiagTrack service... && echo [TEL] Removing Comp...
  • '<SYSTEM32>\cmd.exe' /c start "FPS_BOOSTER_44" cmd /c "mode con: cols=60 lines=15 && echo [SVC] Terminating DiagTrack.dll injection... && echo [SVC] Disabling 43 unnecessary services... && echo [SVC] Killing teleme...
  • '<SYSTEM32>\cmd.exe' /c start "BLOAT_REMOVER_45" cmd /c "mode con: cols=60 lines=15 && echo [AMD] Patching amdkmdag.sys driver... && echo [AMD] Disabling ULPS (Ultra Low Power State)... && echo [AMD] Setting TDP li...
  • '<SYSTEM32>\cmd.exe' /c start "TWEAKING_GPU_46" cmd /c "mode con: cols=60 lines=15 && echo [NET] Setting TCP window scaling factor: 8... && echo [NET] Disabling Nagle algorithm (RFC 896)... && echo [NET] MTU optimi...
  • '<SYSTEM32>\cmd.exe' /c start "TIMER_PRECISION_47" cmd /c "mode con: cols=60 lines=15 && echo [NV] Patching nvlddmkm.sys driver... && echo [NV] Disabling NVIDIA telemetry container... && echo [NV] Setting power man...
  • '<SYSTEM32>\cmd.exe' /c start "TELEMETRY_KILL_48" cmd /c "mode con: cols=60 lines=15 && echo [CPU] Disabling C-States: C1E, C3, C6, C7, C8... && echo [CPU] Setting turbo ratio limits to 0xFF... && echo [CPU] Unlock...
  • '<SYSTEM32>\cmd.exe' /c start "MEMORY_OPTIMIZER_49" cmd /c "mode con: cols=60 lines=15 && echo [GPU] Setting P-State override to 0x0F... && echo [GPU] Disabling power gating on CU 0-63... && echo [GPU] Forcing max ...
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq OPTIMIZING*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq TWEAKING*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq BOOSTING*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq NETWORK*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq MEMORY*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq LATENCY*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq FPS*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq DPC*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq INTERRUPT*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq REGISTRY*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq SERVICE*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq POWER*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq TIMER*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq USB*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq STORAGE*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq AUDIO*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq VISUAL*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq DEFENDER*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq TELEMETRY*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq BLOAT*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq NVIDIA*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq AMD*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq DEVICE*" >nul 2>&1
  • '<SYSTEM32>\cmd.exe' /c taskkill /F /FI "WINDOWTITLE eq TCP*" >nul 2>&1
  • '<SYSTEM32>\bcdedit.exe' /set disabledynamictick yes
  • '<SYSTEM32>\bcdedit.exe' /set useplatformtick yes
  • '<SYSTEM32>\bcdedit.exe' /set useplatformclock no
  • '<SYSTEM32>\bcdedit.exe' /set tscsyncpolicy enhanced
  • '<SYSTEM32>\bcdedit.exe' /timeout 0
  • '<SYSTEM32>\bcdedit.exe' /set bootux disabled
  • '<SYSTEM32>\bcdedit.exe' /set quietboot yes
  • '<SYSTEM32>\bcdedit.exe' /set nx AlwaysOff
  • '<SYSTEM32>\fsutil.exe' behavior set disable8dot3 1
  • '<SYSTEM32>\fsutil.exe' behavior set disablelastaccess 1
  • '<SYSTEM32>\fsutil.exe' behavior set memoryusage 2
  • '<SYSTEM32>\fsutil.exe' behavior set disableencryption 1
  • '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command "Disable-MMAgent -MemoryCompression"
  • '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command "Disable-MMAgent -PageCombining"
  • '<SYSTEM32>\powercfg.exe' /h off
  • '<SYSTEM32>\sc.exe' config XblGameSave start=demand
  • '<SYSTEM32>\sc.exe' config XboxGipSvc start=demand
  • '<SYSTEM32>\sc.exe' config XboxNetApiSvc start=demand
  • '<SYSTEM32>\sc.exe' config XblAuthManager start=demand
  • '<SYSTEM32>\sc.exe' config DiagTrack start=demand
  • '<SYSTEM32>\sc.exe' config dmwappushservice start=demand
  • '<SYSTEM32>\sc.exe' config TabletInputService start=demand
  • '<SYSTEM32>\sc.exe' config WerSvc start=demand
  • '<SYSTEM32>\bcdedit.exe' /set disabledynamictick yes' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /set useplatformtick yes' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /set useplatformclock no' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /set tscsyncpolicy enhanced' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /timeout 0' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /set bootux disabled' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /set quietboot yes' (with hidden window)
  • '<SYSTEM32>\bcdedit.exe' /set nx AlwaysOff' (with hidden window)
  • '<SYSTEM32>\fsutil.exe' behavior set disable8dot3 1' (with hidden window)
  • '<SYSTEM32>\fsutil.exe' behavior set disablelastaccess 1' (with hidden window)
  • '<SYSTEM32>\fsutil.exe' behavior set memoryusage 2' (with hidden window)
  • '<SYSTEM32>\fsutil.exe' behavior set disableencryption 1' (with hidden window)
  • '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command "Disable-MMAgent -MemoryCompression"' (with hidden window)
  • '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -Command "Disable-MMAgent -PageCombining"' (with hidden window)
  • '<SYSTEM32>\powercfg.exe' /h off' (with hidden window)
  • '<SYSTEM32>\sc.exe' config XblGameSave start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config XboxGipSvc start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config XboxNetApiSvc start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config XblAuthManager start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config DiagTrack start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config dmwappushservice start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config TabletInputService start=demand' (with hidden window)
  • '<SYSTEM32>\sc.exe' config WerSvc start=demand' (with hidden window)

Treatment recommendations

  1. If the operating system can be started (in normal mode or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of all the removable media you use. Learn more about Dr.Web Security Space.
  2. If the operating system cannot be started, change your computer's BIOS settings to boot from a CD/DVD or a USB drive. Download the image of the Dr.Web® LiveDisk system recovery disk or the utility for writing Dr.Web® LiveDisk to a USB drive, then prepare the appropriate USB drive. Boot the computer from this drive, then run a full scan and cure the detected threats.

Run a full system scan using Dr.Web Antivirus for Mac OS.

Run a full scan of all disk partitions using Dr.Web Antivirus for Linux.

  1. If your mobile device is working correctly, download and install Dr.Web for Android on it. Run a full scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device is locked by a Trojan of the Android.Locker family (a message about a serious violation of the law or a ransom demand is displayed on the device's screen), proceed as follows:
    • start your smartphone or tablet in safe mode (if you do not know how, consult the mobile device's documentation or contact the manufacturer);
    • then download and install Dr.Web for Android on your mobile device, run a full scan, and follow the recommendations for neutralizing the detected threats;
    • disconnect your device and reconnect it.

Learn more about Dr.Web for Android