Trojan.DownLoader30.30988

Added to the Dr.Web virus database: 2019-10-28

Description added:

Technical Information

To ensure autorun and distribution
Creates the following services
  • [<HKLM>\System\CurrentControlSet\Services\DNS-Service] 'Start' = '00000002'
  • [<HKLM>\System\CurrentControlSet\Services\DNS-Service] 'ImagePath' = '"%WINDIR%\SysWOW64\drivers\dllhost.exe"'
Malicious functions
Executes the following
  • '%WINDIR%\syswow64\taskkill.exe' /f /im rutserv.exe
  • '%WINDIR%\syswow64\taskkill.exe' /f /im rfusclient.exe
  • '%WINDIR%\syswow64\netsh.exe' firewall add portopening TCP 5650 "Open Port 5650"
  • '%WINDIR%\syswow64\netsh.exe' advfirewall firewall add rule name="Open Port 5650" dir=in action=allow protocol=TCP localport=5650
Modifies file system
Creates the following files
Sets the 'hidden' attribute to the following files
  • %TEMP%\is-c77kn.tmp\iswin7logo.dll
  • %TEMP%\is-c77kn.tmp\b2p.dll
  • %TEMP%\is-c77kn.tmp\botva2.dll
  • %TEMP%\is-c77kn.tmp\rus.png
  • %TEMP%\is-c77kn.tmp\eng.png
  • %TEMP%\is-c77kn.tmp\icon.png
  • %TEMP%\is-c77kn.tmp\installer.png
  • %TEMP%\is-c77kn.tmp\server.png
  • %WINDIR%\syswow64\idfgvgjnghcdfb.reg
  • %WINDIR%\syswow64\drivers\dllhost.exe
  • %WINDIR%\syswow64\drivers\install.exe
  • %WINDIR%\syswow64\drivers\install.cmd
Deletes the following files
  • %TEMP%\$inst\temp_0.tmp
  • %TEMP%\is-1ptpt.tmp\setup.tmp
  • %TEMP%\is-c77kn.tmp\_isetup\_shfoldr.dll
  • %TEMP%\is-c77kn.tmp\_isetup\_setup64.tmp
  • %TEMP%\is-c77kn.tmp\_isetup\_regdll.tmp
  • %TEMP%\is-c77kn.tmp\server.png
  • %TEMP%\is-c77kn.tmp\rus.png
  • %TEMP%\is-c77kn.tmp\logo3.png
  • %TEMP%\is-c77kn.tmp\iswin7logo.dll
  • %TEMP%\is-c77kn.tmp\installer.png
  • %TEMP%\is-c77kn.tmp\icon.png
  • %TEMP%\is-c77kn.tmp\eng.png
  • %TEMP%\is-c77kn.tmp\botva2.dll
  • %TEMP%\is-c77kn.tmp\b2p.dll
  • %TEMP%\$inst\2.tmp
  • %TEMP%\$inst\0001.tmp
  • %WINDIR%\syswow64\drivers\install.exe
  • %WINDIR%\syswow64\drivers\install.cmd
Moves the following files
  • from %ProgramFiles(x86)%\aiseesoft studio\aiseesoft data recovery\imageformats\is-k6sva.tmp to %ProgramFiles(x86)%\aiseesoft studio\aiseesoft data recovery\imageformats\qwebp.dll
  • from %ProgramFiles(x86)%\aiseesoft studio\aiseesoft data recovery\unins000.exe to %ProgramFiles(x86)%\aiseesoft studio\aiseesoft data recovery\uninstall.exe
Substitutes the following files
  • %TEMP%\$inst\2.tmp
  • %TEMP%\$inst\temp_0.tmp
Network activity
UDP
  • DNS ASK sm##.#paceweb.ru
  • DNS ASK rm#####ver.tektonit.ru
Miscellaneous
Searches for the following windows
  • ClassName: '' WindowName: ''
Creates and executes the following
  • '%TEMP%\aiseesoft data recovery\1.1.18.22916\setup.exe' /VERYSILENT /I /RU
  • '%TEMP%\is-1ptpt.tmp\setup.tmp' /SL5="$400B8,8787428,465408,%TEMP%\Aiseesoft Data Recovery\1.1.18.22916\setup.exe" /VERYSILENT /I /RU
  • '%WINDIR%\syswow64\drivers\install.exe'
  • '%WINDIR%\syswow64\drivers\dllhost.exe' /silentinstall
  • '%WINDIR%\syswow64\drivers\dllhost.exe' /firewall
  • '%WINDIR%\syswow64\drivers\dllhost.exe' /start
  • '%WINDIR%\syswow64\drivers\dllhost.exe'
  • '%WINDIR%\syswow64\drivers\dllhost.exe' -firewall
  • '%WINDIR%\syswow64\cmd.exe' /c ""<DRIVERS>\install.cmd" "' (with hidden window)
  • '%TEMP%\aiseesoft data recovery\1.1.18.22916\setup.exe' /VERYSILENT /I /RU' (with hidden window)
Executes the following
  • '%WINDIR%\syswow64\cmd.exe' /c ""<DRIVERS>\install.cmd" "
  • '%WINDIR%\syswow64\reg.exe' delete "HKLM\SYSTEM\Remote Manipulator System" /f
  • '%WINDIR%\syswow64\ping.exe' 127.0.0.1
  • '%WINDIR%\syswow64\attrib.exe' +h +s "<SYSTEM32>\idfgvgjnghcdfb.reg"
  • '%WINDIR%\syswow64\attrib.exe' +h +s "dllhost.exe"
  • '%WINDIR%\syswow64\attrib.exe' +h +s "install.exe"
  • '%WINDIR%\syswow64\attrib.exe' +h +s "install.cmd"
  • '%WINDIR%\syswow64\attrib.exe' -h -s "rfusclient.exe"
  • '%WINDIR%\syswow64\attrib.exe' -h -s -r "%ProgramFiles(x86)%\Remote Manipulator System - Host"
  • '%WINDIR%\syswow64\attrib.exe' -h -s -r "%ProgramFiles%\Remote Manipulator System - Host"
  • '%WINDIR%\syswow64\attrib.exe' -h -s "install.exe"
  • '%WINDIR%\syswow64\attrib.exe' -h -s "install.cmd"

Curing recommendations

  1. If the operating system can boot (in normal mode or in safe mode), download the Dr.Web CureIt! curing utility and use it to run a full scan of your computer and of any removable media you use.
  2. If the operating system cannot boot, change your computer's BIOS settings so that the PC can boot from a CD or a USB drive. Download the image of the Dr.Web® LiveDisk emergency system recovery disk, or the utility for writing Dr.Web® LiveDisk to a USB drive, and prepare the corresponding media. After booting the computer from this media, run a full scan and cure the detected threats.

Run a full system scan using Dr.Web Light Anti-virus for macOS. This product can be downloaded from the official Apple App Store.

On the running OS, run a full scan of all disk partitions using Dr.Web Anti-virus for Linux.


  1. If the mobile device is operating normally, download and install the free anti-virus product Dr.Web for Android Light on it. Run a full system scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device is locked by a ransomware trojan of the Android.Locker family (the screen shows an accusation of breaking the law, a demand to pay a certain sum of money, or another message that prevents normal use of the device), do the following:
    • boot your smartphone or tablet in safe mode (depending on the operating system version and the specifics of the particular mobile device, this procedure can be performed in different ways; for details, consult the manual supplied with the device or contact its manufacturer directly);
    • once safe mode is active, install the free anti-virus product Dr.Web for Android Light on the infected device and run a full system scan, following the recommendations for neutralizing the detected threats;
    • turn the device off and turn it back on in normal mode.
