ПОЛЬЗОВАТЕЛЯМ

Закрыть

Поиск

Поиск

Поддержка
Круглосуточная поддержка

Напишите

Запрос через форму

Позвоните

Бесплатно по России:
8-800-333-79-32

ЧаВо | Форум

Напишите

Задать вопрос в поддержку

Ваши запросы

  • Все: -
  • Незакрытые: -
  • Последний: -

Позвоните

Бесплатно по России:
8-800-333-79-32

Свяжитесь с нами Незакрытые запросы: 

Профиль

Профиль

RU
RU CN DE EN ES FR IT JP KZ UZ PL BY ID
Закрыть

Переключение языка сайта

Сервисы
Сканеры
FixIt!
Dr.Web vxCube
Экспертиза ВКИ
Вирусная библиотека
База знаний

Технологии

Термины

Обучение и просвещение

Мифы

Новости

Trojan.Encoder.40898

Добавлен в вирусную базу Dr.Web: 2024-08-20

Описание добавлено:

Техническая информация

Вредоносные функции
Читает файлы, отвечающие за хранение паролей сторонними программами
  • %HOMEPATH%\desktop\1189.jpg
  • %HOMEPATH%\desktop\trivial-merge.htm
  • %HOMEPATH%\desktop\testcertificate.cer
  • %HOMEPATH%\desktop\split.avi
  • %HOMEPATH%\desktop\sdszfo.docx
  • %HOMEPATH%\desktop\nwfieldnotes1966.docx
  • %HOMEPATH%\desktop\lisp_success.doc
  • %HOMEPATH%\desktop\ituneshelpunavailable.htm
  • %HOMEPATH%\desktop\issi2013_template_for_posters.docx
  • %HOMEPATH%\desktop\hadac_newsletter_july_2010_final.docx
  • %HOMEPATH%\desktop\tree_view.html
  • %HOMEPATH%\desktop\iisstart.html
  • %HOMEPATH%\desktop\february_catalogue__2015.doc
  • %HOMEPATH%\desktop\dashborder_144.bmp
  • %HOMEPATH%\desktop\coffee.bmp
  • %HOMEPATH%\desktop\alert.htm
  • %HOMEPATH%\desktop\64bit_notes.htm
  • %HOMEPATH%\desktop\4f0bf7ff71f28.jpeg
  • %HOMEPATH%\desktop\3.jpg
  • %HOMEPATH%\desktop\210252809.jpg
  • %HOMEPATH%\desktop\13.jpg
  • %HOMEPATH%\desktop\howto-index.html
  • %HOMEPATH%\desktop\uep_form_786_bulletin_1726i602.doc
Изменения в файловой системе
Создает следующие файлы
  • %HOMEPATH%\documents\readme.txt
  • %ProgramFiles%\microsoft office\document themes 14\grid.thmx.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-process-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-time-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-core-processthreads-l1-1-1.dll.abc
  • %ProgramFiles%\mozilla firefox\accessible.tlb.abc
  • %ProgramFiles%\microsoft office\document themes 14\couture.thmx.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-filesystem-l1-1-0.dll.abc
  • %ProgramFiles%\microsoft office\office14\thocr.psp.abc
  • %ProgramFiles%\mozilla firefox\application.ini.abc
  • %ProgramFiles%\microsoft office\document themes 14\concourse.thmx.abc
  • %ProgramFiles%\microsoft office\office14\ppslax.dll.abc
  • %ProgramFiles%\mozilla firefox\mozavcodec.dll.abc
  • %ProgramFiles%\mozilla firefox\accessiblemarshal.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-core-file-l2-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-multibyte-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\crashreporter.ini.abc
  • %ProgramFiles%\microsoft office\office14\msohtmed.exe.abc
  • %ProgramFiles%\microsoft office\office14\msoutl.olb.abc
  • %ProgramFiles%\microsoft office\office14\msn.ico.abc
  • %ProgramFiles%\microsoft office\office14\mspub.tlb.abc
  • %ProgramFiles%\microsoft office\document themes 14\perspective.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\metro.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\newsprint.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\opulent.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\horizon.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\angles.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\adjacency.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\aspect.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\austin.thmx.abc
  • %ProgramFiles%\mozilla firefox\libegl.dll.abc
  • %ProgramFiles%\microsoft office\office14\mscss7cm_en.dub.abc
  • %ProgramFiles%\microsoft office\office14\mscss7cm_es.dub.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextserviceamharic.txt.abc
  • %ProgramFiles%\microsoft office\document themes 14\executive.thmx.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextservicearray.txt.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextservicedayi.txt.abc
  • %ProgramFiles(x86)%\windows sidebar\en-us\readme.txt
  • %ProgramFiles(x86)%\windows portable devices\readme.txt
  • %ProgramFiles(x86)%\windows photo viewer\readme.txt
  • %ProgramFiles(x86)%\windows photo viewer\en-us\readme.txt
  • %ProgramFiles%\microsoft office\document themes 14\slipstream.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\solstice.thmx.abc
  • %ProgramFiles%\microsoft office\office14\outlctl.dll.abc
  • %ProgramFiles%\microsoft office\document themes 14\technic.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\waveform.thmx.abc
  • %ProgramFiles%\microsoft office\office14\twlay32.dll.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.businessdata.dll.abc
  • %ProgramFiles%\microsoft office\document themes 14\thatch.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\median.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\verve.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\urban.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\essential.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\clarity.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\hardcover.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\trek.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\module.thmx.abc
  • %ProgramFiles%\microsoft office\office14\ssgen.dll.abc
  • %ProgramFiles%\microsoft office\document themes 14\oriel.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\elemental.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\origin.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\civic.thmx.abc
  • %ProgramFiles%\microsoft office\office14\pptico.exe.abc
  • %ProgramFiles%\microsoft office\document themes 14\flow.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\composite.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\foundry.thmx.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-stdio-l1-1-0.dll.abc
  • %ProgramFiles%\microsoft office\document themes 14\apothecary.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\paper.thmx.abc
  • %ProgramFiles%\microsoft office\office14\msodcw.dll.abc
  • %ProgramFiles%\microsoft office\office14\peopledatahandler.dll.abc
  • %ProgramFiles%\microsoft office\office14\bcsruntime.dll.abc
  • %ProgramFiles%\microsoft office\office14\mscss7wre_fr.dub.abc
  • %ProgramFiles%\microsoft office\office14\gkpowerpoint.dll.abc
  • %ProgramFiles%\microsoft office\office14\offxml.dll.abc
  • %ProgramFiles%\microsoft office\office14\msword.olb.abc
  • %ProgramFiles%\microsoft office\office14\oimg.dll.abc
  • %ProgramFiles%\microsoft office\office14\msocfu.dll.abc
  • %ProgramFiles%\microsoft office\office14\mscss7es.dll.abc
  • %ProgramFiles%\microsoft office\office14\exsec32.dll.abc
  • %ProgramFiles%\microsoft office\office14\css7data000c.dll.abc
  • %ProgramFiles%\microsoft office\office14\readme.txt.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\readme.txt
  • %ProgramFiles%\microsoft office\office14\msacc.olb.abc
  • %ProgramFiles%\mozilla firefox\dependentlibs.list.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-core-timezone-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\install.log.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-convert-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\accessiblehandler.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-private-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\ia2marshal.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-conio-l1-1-0.dll.abc
  • %ProgramFiles(x86)%\windows nt\accessories\readme.txt
  • %ProgramFiles(x86)%\windows media player\skins\readme.txt
  • %ProgramFiles%\mozilla firefox\browser\override.ini.abc
  • %ProgramFiles%\mozilla firefox\d3dcompiler_47.dll.abc
  • %ProgramFiles%\mozilla firefox\lgpllibs.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-utility-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-string-l1-1-0.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-locale-l1-1-0.dll.abc
  • %ProgramFiles%\microsoft office\office14\seqchk10.dll.abc
  • %ProgramFiles%\microsoft office\office14\thocrapi.dll.abc
  • %ProgramFiles%\microsoft office\office14\sharepointprovider.dll.abc
  • %ProgramFiles%\microsoft office\document themes 14\equity.thmx.abc
  • %ProgramFiles%\microsoft office\office14\twrecc.dll.abc
  • %ProgramFiles%\microsoft office\office14\reverse.dll.abc
  • %ProgramFiles%\microsoft office\office14\vpreview.exe.abc
  • %ProgramFiles%\microsoft office\office14\wordcnv.dll.abc
  • %ProgramFiles%\microsoft office\office14\wwlib.dll.abc
  • %ProgramFiles%\microsoft office\office14\spanish.lng.abc
  • %ProgramFiles%\microsoft office\office14\clview.exe.abc
  • %ProgramFiles%\microsoft office\office14\reminder.wav.abc
  • %ProgramFiles%\microsoft office\office14\winword.exe.abc
  • %ProgramFiles%\microsoft office\office14\ipeditor.dll.abc
  • %ProgramFiles%\microsoft office\office14\advcmp.dic.abc
  • %ProgramFiles%\microsoft office\office14\emablt32.dll.abc
  • %ProgramFiles%\microsoft office\office14\msosync.exe.abc
  • %ProgramFiles%\microsoft office\document themes 14\apex.thmx.abc
  • %ProgramFiles%\microsoft office\document themes 14\black tie.thmx.abc
  • %ProgramFiles%\microsoft office\office14\onbttnielinkednotes.dll.abc
  • %ProgramFiles%\microsoft office\office14\onfilter.dll.abc
  • %ProgramFiles%\microsoft office\office14\onpptaddin.dll.abc
  • %ProgramFiles%\microsoft office\office14\ogalegit.dll.abc
  • %ProgramFiles%\microsoft office\office14\socialconnector.dll.abc
  • %ProgramFiles%\microsoft office\office14\entitypicker.dll.abc
  • %ProgramFiles%\microsoft office\office14\selfcert.exe.abc
  • %ProgramFiles%\microsoft office\office14\nl7models000a.dll.abc
  • %ProgramFiles%\mozilla firefox\freebl3.dll.abc
  • %ProgramFiles%\microsoft office\office14\msppt.olb.abc
  • %ProgramFiles%\microsoft office\office14\msocf.dll.abc
  • %ProgramFiles%\microsoft office\office14\vviewer.dll.abc
  • %ProgramFiles%\microsoft office\office14\rswop.icm.abc
  • %ProgramFiles%\microsoft office\office14\xlcall32.dll.abc
  • %ProgramFiles%\microsoft office\office14\onwordaddin.dll.abc
  • %ProgramFiles(x86)%\windows sidebar\settings.ini.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.ois.14.1033.hxn.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.office.sharepointworkspace.addin.interface.dll.abc
  • %ALLUSERSPROFILE%\microsoft\identitycrl\ppcrlconfig.dll.abc
  • %ProgramFiles(x86)%\windows sidebar\wlsrvc.dll.abc
  • %ProgramFiles%\microsoft office\office14\namecontrolproxy.dll.abc
  • %ProgramFiles%\microsoft office\office14\xpage3c.dll.abc
  • %ProgramFiles%\microsoft office\office14\mset7db.kic.abc
  • %ProgramFiles%\microsoft office\office14\bcsautogen.dll.abc
  • %ProgramFiles%\microsoft office\office14\dbghelp.dll.abc
  • %ProgramFiles%\microsoft office\office14\sendto.dll.abc
  • %ProgramFiles%\microsoft office\office14\bdcmetadataresource.xsd.abc
  • %ProgramFiles%\microsoft office\office14\vviewdwg.dll.abc
  • %ProgramFiles%\microsoft office\office14\rtfhtml.dll.abc
  • %ProgramFiles%\microsoft office\office14\mimedir.dll.abc
  • %ProgramFiles%\microsoft office\office14\twcutlin.dll.abc
  • %ProgramFiles(x86)%\windows sidebar\sbdrop.dll.abc
  • %ALLUSERSPROFILE%\microsoft\mf\pending.grl.abc
  • %ProgramFiles%\microsoft office\office14\mset7ge.kic.abc
  • %ProgramFiles%\microsoft office\office14\audiosearchlts.dll.abc
  • %ProgramFiles%\microsoft office\office14\visshe.dll.abc
  • %ProgramFiles%\microsoft office\office14\taxonomycontrol.dll.abc
  • %ProgramFiles%\microsoft office\office14\olmapi32.dll.abc
  • %ProgramFiles%\microsoft office\office14\omsmain.dll.abc
  • %ProgramFiles%\microsoft office\office14\mset7fr.kic.abc
  • %ProgramFiles%\microsoft office\office14\entitydatahandler.dll.abc
  • %ProgramFiles%\microsoft office\office14\inlaunch.dll.abc
  • %ProgramFiles%\microsoft office\office14\msyubin7.dll.abc
  • %ProgramFiles%\microsoft office\office14\segoechess.ttf.abc
  • %ProgramFiles%\microsoft office\office14\form.dll.abc
  • %ProgramFiles%\microsoft office\office14\oisctrl.dll.abc
  • %ProgramFiles%\microsoft office\office14\authzax.dll.abc
  • %ProgramFiles%\microsoft office\office14\pstprx32.dll.abc
  • %ProgramFiles%\microsoft office\office14\setlang.exe.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.msaccess.dev.14.1033.hxn.abc
  • %ProgramFiles(x86)%\windows sidebar\readme.txt
  • %ALLUSERSPROFILE%\microsoft\officesoftwareprotectionplatform\readme.txt
  • %ALLUSERSPROFILE%\microsoft help\ms.winword.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.msouc.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.mspub.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.onenote.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.outlook.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.mstore.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.setlang.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.powerpnt.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.winword.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.mspub.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.powerpnt.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.excel.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.graph.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.infopath.14.1033.hxn.abc
  • %ProgramFiles%\microsoft office\office14\refedit.dll.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.excel.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.msaccess.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.infopatheditor.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\package cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\readme.txt
  • %ALLUSERSPROFILE%\microsoft help\hx.hxn.abc
  • %ALLUSERSPROFILE%\microsoft\office\sharepointportalsite.ico.abc
  • %ALLUSERSPROFILE%\microsoft\office\documentrepository.ico.abc
  • %ALLUSERSPROFILE%\microsoft\office\sharepointteamsite.ico.abc
  • %ALLUSERSPROFILE%\microsoft help\nslist.hxl.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.groove.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\readme.txt
  • %ALLUSERSPROFILE%\microsoft\office\mysite.ico.abc
  • %ALLUSERSPROFILE%\microsoft\office\mysharepoints.ico.abc
  • %ALLUSERSPROFILE%\microsoft\office\assetlibrary.ico.abc
  • %ALLUSERSPROFILE%\microsoft\user account pictures\readme.txt
  • %ALLUSERSPROFILE%\microsoft\mf\active.grl.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-runtime-l1-1-0.dll.abc
  • %ProgramFiles%\microsoft office\office14\mstores.dll.abc
  • %ProgramFiles(x86)%\windows photo viewer\imagingengine.dll.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextservicesimplifiedzhengma.txt.abc
  • %ProgramFiles(x86)%\windows sidebar\en-us\sbdrop.dll.mui.abc
  • %ProgramFiles(x86)%\windows media player\mpvis.dll.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextservicesimplifiedquanpin.txt.abc
  • %ProgramFiles(x86)%\windows media player\wmpnssci.dll.abc
  • %ProgramFiles(x86)%\windows media player\wmpmediasharing.dll.abc
  • %ProgramFiles(x86)%\windows media player\wmpdmccore.dll.abc
  • %ProgramFiles%\microsoft office\office14\msaexp30.dll.abc
  • %ProgramFiles%\microsoft office\office14\nl7lexicons0011.dll.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextservice.dll.abc
  • %ProgramFiles%\microsoft office\office14\ipdesign.dll.abc
  • %ProgramFiles(x86)%\windows photo viewer\photoacq.dll.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.office.interop.infopath.xml.dll.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextserviceyi.txt.abc
  • %ProgramFiles(x86)%\windows photo viewer\en-us\photoacq.dll.mui.abc
  • %ProgramFiles%\microsoft office\office14\oart.dll.abc
  • %ProgramFiles%\microsoft office\office14\prtf9.dll.abc
  • %ProgramFiles%\microsoft office\office14\bcsclient.msg.dll.abc
  • %ProgramFiles%\microsoft office\office14\advtel.dic.abc
  • %ProgramFiles%\microsoft office\office14\name.dll.abc
  • %ProgramFiles%\microsoft office\office14\offrhd.dll.abc
  • %ProgramFiles%\microsoft office\office14\bcsruntimeui.dll.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.office.businessapplications.runtime.dll.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.office.infopath.client.internal.clrhost.dll.abc
  • %ProgramFiles%\microsoft office\office14\mso0127.acl.abc
  • %ProgramFiles%\microsoft office\office14\interop.managedapi.dll.abc
  • %ProgramFiles%\microsoft office\office14\outlph.dll.abc
  • %ProgramFiles%\microsoft office\office14\envelope.dll.abc
  • %ProgramFiles%\microsoft office\office14\onenotem.exe.abc
  • %ProgramFiles(x86)%\windows nt\accessories\wordpadfilter.dll.abc
  • %ProgramFiles%\microsoft office\office14\acedao.dll.abc
  • %ProgramFiles(x86)%\windows portable devices\sqmapi.dll.abc
  • %ProgramFiles%\microsoft office\office14\msrtedit.dll.abc
  • %ProgramFiles(x86)%\windows photo viewer\photobase.dll.abc
  • %ProgramFiles%\microsoft office\office14\mspst32.dll.abc
  • %ProgramFiles%\microsoft office\office14\nl7models0009.dll.abc
  • %ProgramFiles%\microsoft office\office14\advzip.dic.abc
  • %ProgramFiles%\microsoft office\office14\bcslaunch.dll.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.office.sharepointworkspace.addin.datasetwrapper.dll.abc
  • %ProgramFiles%\microsoft office\office14\intldate.dll.abc
  • %ProgramFiles%\microsoft office\office14\charsettable.chr.abc
  • %ProgramFiles%\microsoft office\office14\oisgraph.dll.abc
  • %ProgramFiles%\microsoft office\office14\installed_resources14.xss.abc
  • %ProgramFiles%\microsoft office\office14\accwiz.dll.abc
  • %ProgramFiles%\microsoft office\office14\oisapp.dll.abc
  • %ProgramFiles%\microsoft office\office14\outlmime.dll.abc
  • %ProgramFiles%\microsoft office\office14\interop.groovemanagedaddintool.dll.abc
  • %ALLUSERSPROFILE%\microsoft\mf\readme.txt
  • %ProgramFiles%\microsoft office\office14\pubtrap.dll.abc
  • %ALLUSERSPROFILE%\microsoft\identitycrl\ppcrlui.dll.abc
  • %ProgramFiles%\microsoft office\office14\graph.ico.abc
  • %ProgramFiles%\microsoft office\office14\oemprint.cat.abc
  • %ALLUSERSPROFILE%\microsoft\identitycrl\readme.txt
  • %ProgramFiles%\microsoft office\office14\saext.dll.abc
  • %ProgramFiles%\microsoft office\office14\outlvbs.dll.abc
  • %ProgramFiles%\microsoft office\office14\microsoft.office.interop.infopath.semitrust.dll.abc
  • %ProgramFiles(x86)%\windows photo viewer\en-us\photoviewer.dll.mui.abc
  • %ProgramFiles%\microsoft office\office14\dlgsetp.dll.abc
  • %ProgramFiles%\microsoft office\office14\cnfnot32.exe.abc
  • %ProgramFiles%\microsoft office\office14\onmain.dll.abc
  • %ProgramFiles%\microsoft office\office14\css7data000a.dll.abc
  • %ProgramFiles(x86)%\windows media player\wmpnssui.dll.abc
  • %ProgramFiles(x86)%\windows media player\skins\revert.wmz.abc
  • %ProgramFiles(x86)%\windows photo viewer\photoviewer.dll.abc
  • %ProgramFiles(x86)%\windows nt\tabletextservice\tabletextservicesimplifiedshuangpin.txt.abc
  • %ALLUSERSPROFILE%\microsoft\office\readme.txt
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-math-l1-1-0.dll.abc
  • %ProgramFiles%\java\jre1.8.0_45\thirdpartylicensereadme.txt.abc
  • C:\msocache\all users\{90140000-0016-0409-1000-0000000ff1ce}-c\excelmui.msi.abc
  • C:\msocache\all users\{90140000-0016-0409-1000-0000000ff1ce}-c\excellr.cab.abc
  • %ProgramFiles%\internet explorer\signup\readme.txt
  • %ProgramFiles%\internet explorer\readme.txt
  • %ProgramFiles%\internet explorer\en-us\readme.txt
  • %ProgramFiles%\dvd maker\shared\readme.txt
  • %ProgramFiles%\dvd maker\en-us\readme.txt
  • %ProgramFiles%\dvd maker\readme.txt
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\propsww2.cab.abc
  • %ProgramFiles%\readme.txt
  • %CommonProgramFiles%\system\readme.txt
  • %CommonProgramFiles%\services\readme.txt
  • %CommonProgramFiles%\designer\readme.txt
  • C:\readme.txt
  • %ProgramFiles%\microsoft office\document themes 14\readme.txt
  • C:\msocache\all users\{90140000-0117-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\msocache\all users\{90140000-00ba-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\msocache\all users\{90140000-00a1-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\msocache\all users\{90140000-0044-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\propsww.cab.abc
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\pkeyconfig-office.xrm-ms.abc
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\proplusww.msi.abc
  • C:\msocache\all users\{90140000-0043-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\msocache\all users\{90140000-002c-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\osetup.dll.abc
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\owow32ww.cab.abc
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\office32ww.msi.abc
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\pidgenx.dll.abc
  • C:\msocache\all users\{90140000-001b-0409-1000-0000000ff1ce}-c\readme.txt
  • C:\kms\kms_vl_all_aio_debug.log.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\readme.txt
  • %ProgramFiles%\mozilla thunderbird\uninstall\readme.txt
  • %ProgramFiles%\windows photo viewer\en-us\readme.txt
  • %ProgramFiles%\mozilla firefox\readme.txt
  • %ProgramFiles%\windows nt\tabletextservice\readme.txt
  • %ProgramFiles%\windows nt\accessories\readme.txt
  • %ProgramFiles%\windows media player\skins\readme.txt
  • %ProgramFiles%\windows media player\network sharing\readme.txt
  • %ProgramFiles%\windows media player\readme.txt
  • %ProgramFiles%\windows media player\media renderer\readme.txt
  • %ProgramFiles%\windows media player\en-us\readme.txt
  • %ProgramFiles%\windows mail\readme.txt
  • %ProgramFiles%\windows mail\en-us\readme.txt
  • %ProgramFiles%\windows journal\templates\readme.txt
  • %ProgramFiles%\windows journal\readme.txt
  • %ProgramFiles%\windows journal\en-us\readme.txt
  • %ProgramFiles%\windows defender\readme.txt
  • %ProgramFiles%\windows defender\en-us\readme.txt
  • C:\msocache\all users\{90140000-001a-0409-1000-0000000ff1ce}-c\readme.txt
  • %ProgramFiles%\mozilla thunderbird\visualelements\readme.txt
  • C:\msocache\all users\{90140000-0019-0409-1000-0000000ff1ce}-c\publishermui.msi.abc
  • C:\msocache\all users\{90140000-0019-0409-1000-0000000ff1ce}-c\publr.cab.abc
  • %ProgramFiles%\mozilla thunderbird\isp\readme.txt
  • %ProgramFiles%\mozilla thunderbird\fonts\readme.txt
  • %ProgramFiles%\mozilla thunderbird\features\readme.txt
  • C:\msocache\all users\{90140000-001a-0409-1000-0000000ff1ce}-c\outlklr.cab.abc
  • %ProgramFiles%\mozilla thunderbird\readme.txt
  • %ProgramFiles%\mozilla firefox\uninstall\readme.txt
  • C:\msocache\all users\{90140000-001a-0409-1000-0000000ff1ce}-c\outlookmui.msi.abc
  • C:\msocache\all users\{90140000-0018-0409-1000-0000000ff1ce}-c\powerpointmui.msi.abc
  • C:\msocache\all users\{90140000-0018-0409-1000-0000000ff1ce}-c\pptlr.cab.abc
  • %ProgramFiles%\mozilla firefox\fonts\readme.txt
  • %ProgramFiles%\mozilla firefox\distibution\readme.txt
  • %ProgramFiles%\mozilla firefox\browser\readme.txt
  • %ProgramFiles%\microsoft office\office14\readme.txt
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\readme.txt
  • C:\kms\kms_vl_all_aio.cmd.abc
  • %HOMEPATH%\videos\desktop.ini.abc
  • %HOMEPATH%\saved games\readme.txt
  • %HOMEPATH%\music\desktop.ini.abc
  • %HOMEPATH%\downloads\desktop.ini.abc
  • %HOMEPATH%\links\readme.txt
  • %HOMEPATH%\pictures\desktop.ini.abc
  • %HOMEPATH%\favorites\windows live\readme.txt
  • %HOMEPATH%\desktop\telegram.lnk.abc
  • %HOMEPATH%\favorites\msn websites\readme.txt
  • %HOMEPATH%\desktop\google chrome.lnk.abc
  • %HOMEPATH%\favorites\microsoft websites\readme.txt
  • %HOMEPATH%\favorites\links for united states\readme.txt
  • %HOMEPATH%\desktop\desktop.ini.abc
  • %HOMEPATH%\favorites\links\readme.txt
  • %HOMEPATH%\favorites\readme.txt
  • C:\$recycle.bin\s-1-5-21-3150914307-1777937420-491476919-1000\readme.txt
  • %HOMEPATH%\desktop\dashborder_144.bmp.abc
  • %HOMEPATH%\desktop\coffee.bmp.abc
  • %HOMEPATH%\desktop\alert.htm.abc
  • %HOMEPATH%\videos\readme.txt
  • %HOMEPATH%\music\readme.txt
  • %HOMEPATH%\downloads\readme.txt
  • %HOMEPATH%\desktop\64bit_notes.htm.abc
  • %HOMEPATH%\pictures\readme.txt
  • %HOMEPATH%\desktop\4f0bf7ff71f28.jpeg.abc
  • %HOMEPATH%\desktop\3.jpg.abc
  • %HOMEPATH%\desktop\210252809.jpg.abc
  • %HOMEPATH%\desktop\13.jpg.abc
  • %HOMEPATH%\documents\desktop.ini.abc
  • %HOMEPATH%\desktop\1189.jpg.abc
  • %HOMEPATH%\desktop\readme.txt
  • %HOMEPATH%\contacts\readme.txt
  • %HOMEPATH%\favorites\msn websites\msn entertainment.url.abc
  • C:\msocache\all users\{90140000-0019-0409-1000-0000000ff1ce}-c\readme.txt
  • %HOMEPATH%\favorites\desktop.ini.abc
  • %HOMEPATH%\links\downloads.lnk.abc
  • %HOMEPATH%\saved games\desktop.ini.abc
  • C:\msocache\all users\{90140000-0018-0409-1000-0000000ff1ce}-c\readme.txt
  • %HOMEPATH%\links\recentplaces.lnk.abc
  • %HOMEPATH%\links\desktop.lnk.abc
  • %HOMEPATH%\favorites\windows live\get windows live.url.abc
  • %HOMEPATH%\favorites\windows live\windows live mail.url.abc
  • %HOMEPATH%\favorites\windows live\windows live gallery.url.abc
  • %HOMEPATH%\favorites\windows live\windows live spaces.url.abc
  • %HOMEPATH%\links\desktop.ini.abc
  • %HOMEPATH%\favorites\msn websites\msnbc news.url.abc
  • %HOMEPATH%\favorites\msn websites\msn.url.abc
  • C:\msocache\all users\{90140000-0016-0409-1000-0000000ff1ce}-c\readme.txt
  • %HOMEPATH%\favorites\msn websites\msn sports.url.abc
  • C:\$recycle.bin\s-1-5-21-3150914307-1777937420-491476919-1000\desktop.ini.abc
  • %HOMEPATH%\favorites\msn websites\msn money.url.abc
  • %HOMEPATH%\favorites\msn websites\msn autos.url.abc
  • %HOMEPATH%\favorites\microsoft websites\microsoft store.url.abc
  • %HOMEPATH%\favorites\microsoft websites\microsoft at home.url.abc
  • %HOMEPATH%\favorites\microsoft websites\microsoft at work.url.abc
  • C:\msocache\all users\{90140000-0011-0000-1000-0000000ff1ce}-c\readme.txt
  • %HOMEPATH%\favorites\microsoft websites\ie site on microsoft.com.url.abc
  • %HOMEPATH%\favorites\microsoft websites\ie add-on site.url.abc
  • %HOMEPATH%\favorites\links for united states\usa.gov.url.abc
  • %HOMEPATH%\favorites\links for united states\desktop.ini.abc
  • %HOMEPATH%\favorites\links for united states\gobiernousa.gov.url.abc
  • %HOMEPATH%\contacts\user.contact.abc
  • %HOMEPATH%\favorites\links\web slice gallery.url.abc
  • %HOMEPATH%\favorites\links\desktop.ini.abc
  • %HOMEPATH%\contacts\desktop.ini.abc
  • C:\kms\readme.txt
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\officelr.cab.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-environment-l1-1-0.dll.abc
  • %ProgramFiles%\windows sidebar\en-us\readme.txt
  • %ProgramFiles%\internet explorer\jsprofilerui.dll.abc
  • %ProgramFiles(x86)%\windows mail\readme.txt
  • %ProgramFiles(x86)%\windows mail\en-us\readme.txt
  • %ProgramFiles%\internet explorer\jsprofilercore.dll.abc
  • %ProgramFiles%\microsoft office\document themes 14\pushpin.thmx.abc
  • %ProgramFiles%\java\jre1.8.0_45\copyright.abc
  • %ProgramFiles(x86)%\windows defender\readme.txt
  • %ProgramFiles(x86)%\windows defender\en-us\readme.txt
  • %ProgramFiles%\internet explorer\msdbg2.dll.abc
  • %ProgramFiles%\internet explorer\jsdbgui.dll.abc
  • %ProgramFiles%\internet explorer\sqmapi.dll.abc
  • %ProgramFiles%\internet explorer\jsdebuggeride.dll.abc
  • %ProgramFiles%\internet explorer\pdm.dll.abc
  • %ProgramFiles%\java\jre1.8.0_45\release.abc
  • %ProgramFiles%\java\jre1.8.0_45\thirdpartylicensereadme-javafx.txt.abc
  • %ProgramFiles%\dvd maker\eurosti.ttf.abc
  • %ProgramFiles%\dvd maker\audiodepthconverter.ax.abc
  • %ProgramFiles%\java\jre1.8.0_45\license.abc
  • %ProgramFiles%\microsoft office\office14\accdds.dll.abc
  • %ProgramFiles%\internet explorer\signup\install.ins.abc
  • %ProgramFiles%\java\jre1.8.0_45\readme.txt.abc
  • %ProgramFiles%\dvd maker\fieldswitch.ax.abc
  • %ProgramFiles%\dvd maker\offset.ax.abc
  • %ProgramFiles%\dvd maker\bod_r.ttf.abc
  • %ProgramFiles%\dvd maker\omdbase.dll.abc
  • %ProgramFiles%\dvd maker\pipeline.dll.abc
  • %ProgramFiles(x86)%\steam\public\readme.txt
  • %ProgramFiles%\dvd maker\sonicsptransform.ax.abc
  • %ProgramFiles%\dvd maker\shared\parity.fx.abc
  • %ProgramFiles%\dvd maker\shared\common.fxh.abc
  • %ProgramFiles%\dvd maker\directshowtap.ax.abc
  • %ProgramFiles%\microsoft office\office14\mstore.exe.abc
  • %ProgramFiles%\windows portable devices\readme.txt
  • %ProgramFiles%\mozilla firefox\distibution\policies.json.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-core-localization-l1-2-0.dll.abc
  • %ProgramFiles%\microsoft office\office14\grooveex.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-core-synch-l1-2-0.dll.abc
  • %ProgramFiles%\mozilla firefox\browser\omni.ja.abc
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\sqlceme35.dll.abc
  • %ProgramFiles%\microsoft office\office14\npauthz.dll.abc
  • %ProgramFiles%\microsoft office\office14\msohevi.dll.abc
  • %ProgramFiles%\microsoft office\office14\excel.exe.abc
  • %ProgramFiles(x86)%\windows media player\readme.txt
  • %ProgramFiles%\microsoft office\office14\mspub.exe.abc
  • %ProgramFiles%\microsoft office\office14\ois.exe.abc
  • %ProgramFiles%\microsoft office\office14\onenote.exe.abc
  • %ProgramFiles%\microsoft office\office14\powerpnt.exe.abc
  • %ProgramFiles%\microsoft office\office14\outlook.exe.abc
  • %ProgramFiles%\dvd maker\soniccolorconverter.ax.abc
  • %ProgramFiles(x86)%\windows media player\media renderer\readme.txt
  • %ProgramFiles%\microsoft office\office14\infopath.exe.abc
  • %ProgramFiles%\microsoft office\office14\msaccess.exe.abc
  • %ProgramFiles%\mozilla firefox\libglesv2.dll.abc
  • %ProgramFiles%\mozilla firefox\browser\crashreporter-override.ini.abc
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\sqlcecompact35.dll.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-core-file-l1-2-0.dll.abc
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\sqlceoledb35.dll.abc
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\sqlcese35.dll.abc
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\sqlceer35en.dll.abc
  • %ProgramFiles%\microsoft sql server compact edition\v3.5\sqlceca35.dll.abc
  • %ProgramFiles%\microsoft office\office14\groove.exe.abc
  • %ProgramFiles%\mozilla firefox\osclientcerts.dll.abc
  • %ProgramFiles(x86)%\windows defender\mpasdesc.dll.abc
  • %ProgramFiles(x86)%\windows media player\en-us\readme.txt
  • %ProgramFiles%\mozilla firefox\fonts\twemojimozilla.ttf.abc
  • %ProgramFiles%\mozilla firefox\api-ms-win-crt-heap-l1-1-0.dll.abc
  • %ProgramFiles(x86)%\steam\logs\readme.txt
  • %ProgramFiles%\internet explorer\ieshims.dll.abc
  • C:\msocache\all users\{90140000-00a1-0409-1000-0000000ff1ce}-c\onotelr.cab.abc
  • C:\msocache\all users\{90140000-00a1-0409-1000-0000000ff1ce}-c\onenotemui.msi.abc
  • %CommonProgramFiles%\system\wab32res.dll.abc
  • C:\msocache\all users\{90140000-0044-0409-1000-0000000ff1ce}-c\infopathmui.msi.abc
  • %ProgramFiles(x86)%\opera\29.0.1795.47\readme.txt
  • C:\msocache\all users\{90140000-0117-0409-1000-0000000ff1ce}-c\accessmuiset.msi.abc
  • %ProgramFiles%\internet explorer\en-us\hmmapi.dll.mui.abc
  • %CommonProgramFiles%\designer\msaddndr.dll.abc
  • C:\msocache\all users\{90140000-0043-0409-1000-0000000ff1ce}-c\owow32lr.cab.abc
  • C:\msocache\all users\{90140000-00ba-0409-1000-0000000ff1ce}-c\groovelr.cab.abc
  • C:\msocache\all users\{90140000-00ba-0409-1000-0000000ff1ce}-c\groovemui.msi.abc
  • C:\msocache\all users\{90140000-0044-0409-1000-0000000ff1ce}-c\inflr.cab.abc
  • %ProgramFiles%\desktop.ini.abc
  • C:\msocache\all users\{90140000-001b-0409-1000-0000000ff1ce}-c\wordmui.msi.abc
  • %ProgramFiles%\internet explorer\ie8props.propdesc.abc
  • C:\msocache\all users\{90140000-001b-0409-1000-0000000ff1ce}-c\wordlr.cab.abc
  • C:\msocache\all users\{90140000-002c-0409-1000-0000000ff1ce}-c\proofing.msi.abc
  • %ProgramFiles(x86)%\msbuild\readme.txt
  • %ProgramFiles(x86)%\microsoft.net\redistlist\readme.txt
  • %ProgramFiles(x86)%\microsoft.net\primary interop assemblies\readme.txt
  • %ProgramFiles(x86)%\microsoft office\office14\readme.txt
  • %ProgramFiles(x86)%\internet explorer\signup\readme.txt
  • %ProgramFiles(x86)%\internet explorer\readme.txt
  • %ProgramFiles(x86)%\internet explorer\en-us\readme.txt
  • %ProgramFiles(x86)%\readme.txt
  • %CommonProgramFiles(x86)%\system\readme.txt
  • %CommonProgramFiles(x86)%\steam\readme.txt
  • %CommonProgramFiles(x86)%\services\readme.txt
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\readme.txt
  • %ProgramFiles%\windows sidebar\readme.txt
  • C:\msocache\all users\{90140000-0043-0409-1000-0000000ff1ce}-c\office32mui.msi.abc
  • %ProgramFiles%\windows photo viewer\readme.txt
  • %ProgramFiles%\internet explorer\en-us\iedvtool.dll.mui.abc
  • %CommonProgramFiles%\system\wab32.dll.abc
  • %ProgramFiles%\internet explorer\en-us\jsprofilerui.dll.mui.abc
  • %ProgramFiles%\dvd maker\rtstreamsink.ax.abc
  • %ProgramFiles%\internet explorer\en-us\jsdebuggeride.dll.mui.abc
  • %ProgramFiles(x86)%\steam\bin\readme.txt
  • %ProgramFiles(x86)%\steam\readme.txt
  • %ProgramFiles%\dvd maker\pipetran.dll.abc
  • %ProgramFiles%\dvd maker\omdproject.dll.abc
  • %ProgramFiles%\dvd maker\secretst.ttf.abc
  • %ProgramFiles%\dvd maker\wmm2clip.dll.abc
  • %ProgramFiles%\dvd maker\rtstreamsource.ax.abc
  • %ProgramFiles%\internet explorer\en-us\jsdbgui.dll.mui.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\officemui.msi.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\pss10r.chm.abc
  • %ProgramFiles(x86)%\opera\readme.txt
  • %ProgramFiles%\internet explorer\en-us\jsprofilercore.dll.mui.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\officemuiset.msi.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\dw20.exe.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\microsoft.vc90.crt.manifest.abc
  • %ProgramFiles%\dvd maker\en-us\omdproject.dll.mui.abc
  • %ProgramFiles%\internet explorer\iecompat.dll.abc
  • %ProgramFiles%\internet explorer\ieproxy.dll.abc
  • %ProgramFiles(x86)%\opera\assets\readme.txt
  • %CommonProgramFiles%\system\directdb.dll.abc
  • %ProgramFiles%\internet explorer\hmmapi.dll.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\msvcr90.dll.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\dwdcw20.dll.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\shellui.mst.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\osetupui.dll.abc
  • %ProgramFiles%\dvd maker\en-us\wmm2clip.dll.mui.abc
  • C:\msocache\all users\{90140000-0115-0409-1000-0000000ff1ce}-c\setup.chm.abc
  • %ProgramFiles%\internet explorer\iedvtool.dll.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.outlook.14.1033.hxn.abc
Удаляет следующие файлы
  • %ProgramFiles%\microsoft office\office14\readme.txt
  • %WINDIR%\panther\mainqueueonline1.que
  • %WINDIR%\microsoft.net\netfxrepair.1037.dll
  • %WINDIR%\microsoft.net\netfxrepair.1038.dll
  • %WINDIR%\panther\diagerr.xml
  • %WINDIR%\panther\unattend.xml
  • %WINDIR%\panther\cbs.log
  • %WINDIR%\microsoft.net\netfxrepair.2070.dll
  • %WINDIR%\microsoft.net\netfxrepair.1046.dll
  • %WINDIR%\microsoft.net\netfxrepair.1045.dll
  • %WINDIR%\microsoft.net\netfxrepair.1043.dll
  • %WINDIR%\microsoft.net\netfxrepair.1041.dll
  • %WINDIR%\microsoft.net\netfxrepair.1044.dll
  • %WINDIR%\microsoft.net\netfxrepair.3076.dll
  • %WINDIR%\panther\cbs_unattend.log
  • %WINDIR%\panther\unattendgc\diagwrn.xml
  • %WINDIR%\panther\mainqueueonline0.que
  • %WINDIR%\microsoft.net\netfxrepair.1030.dll
  • %WINDIR%\microsoft.net\framework\netfxsbs12.hkf
  • %WINDIR%\microsoft.net\netfxrepair.1055.dll
  • %WINDIR%\microsoft.net\netfxrepair.1049.dll
  • %WINDIR%\microsoft.net\netfxrepair.1042.dll
  • %WINDIR%\microsoft.net\netfxrepair.1025.dll
  • %WINDIR%\microsoft.net\netfxrepair.1028.dll
  • %WINDIR%\microsoft.net\netfxrepair.1053.dll
  • %WINDIR%\microsoft.net\netfxrepair.3082.dll
  • %WINDIR%\microsoft.net\netfxrepair.1029.dll
  • %WINDIR%\microsoft.net\netfxrepair.2052.dll
  • %WINDIR%\microsoft.net\netfxrepair.1040.dll
  • %WINDIR%\panther\unattendgc\setupact.log
  • %WINDIR%\panther\unattendgc\diagerr.xml
  • %WINDIR%\panther\setuperr.log
  • %WINDIR%\media\sonata\desktop.ini
  • %WINDIR%\fonts\simfang.ttf
  • %WINDIR%\prefetch\vcredist_x86.exe-96cf69cf.pf
  • %WINDIR%\prefetch\vc_redist.x86.exe-92eb15bb.pf
  • %WINDIR%\prefetch\jp2launcher.exe-7dccd1b9.pf
  • %WINDIR%\prefetch\wevtutil.exe-ef5861c4.pf
  • %WINDIR%\prefetch\chrome.exe-5617a1bf.pf
  • %WINDIR%\prefetch\unlodctr.exe-531facc7.pf
  • %WINDIR%\prefetch\aspnet_regiis.exe-86915b5a.pf
  • %WINDIR%\prefetch\conhost.exe-1f3e9d7e.pf
  • %WINDIR%\fonts\lsans.ttf
  • %WINDIR%\prefetch\cmd.exe-4a81b364.pf
  • %WINDIR%\prefetch\drvinst.exe-4cb4314a.pf
  • %WINDIR%\prefetch\tsetup.1.4.3.tmp-9455db0f.pf
  • %WINDIR%\prefetch\steamservice.exe-57e215d3.pf
  • %WINDIR%\prefetch\audiodg.exe-bdfd3029.pf
  • %WINDIR%\prefetch\clrgc.exe-5d5b90f5.pf
  • %WINDIR%\microsoft.net\netfxrepair.1035.dll
  • %WINDIR%\panther\setup.etl
  • %WINDIR%\prefetch\agapplaunch.db
  • %WINDIR%\prefetch\opera_29.0.1795.47_setup.exe-9c628850.pf
  • %WINDIR%\prefetch\firefox setup 78.0.2 (x64).ex-d6c4efe8.pf
  • %WINDIR%\prefetch\acrordrdc1501020056_en_us.exe-3b58c109.pf
  • %WINDIR%\prefetch\dotnetfx35setup.exe-7deb9041.pf
  • %WINDIR%\prefetch\jaureg.exe-2358f266.pf
  • %WINDIR%\prefetch\cmd.exe-ac113aa8.pf
  • %WINDIR%\prefetch\steamsetup_2.10.91.91.exe-91d3eed3.pf
  • %WINDIR%\prefetch\opera_29.0.1795.47_setup.exe-839f60fd.pf
  • %WINDIR%\panther\setupact.log
  • %WINDIR%\fonts\staticcache.dat
  • %WINDIR%\microsoft.net\netfxrepair.1031.dll
  • %WINDIR%\microsoft.net\netfxrepair.1032.dll
  • %WINDIR%\microsoft.net\netfxrepair.1033.dll
  • %WINDIR%\prefetch\vc_redist.x86.exe-451fb36d.pf
  • %WINDIR%\microsoft.net\netfxrepair.1036.dll
  • %WINDIR%\panther\setupinfo
  • %WINDIR%\panther\ddaclsys.log
  • %WINDIR%\fonts\frabk.ttf
  • %WINDIR%\fonts\schlbki.ttf
  • %WINDIR%\fonts\palscri.ttf
  • %WINDIR%\fonts\pertibd.ttf
  • %WINDIR%\fonts\tccm____.ttf
  • %WINDIR%\fonts\maturasc.ttf
  • %WINDIR%\fonts\gishabd.ttf
  • %WINDIR%\fonts\peri____.ttf
  • %WINDIR%\fonts\tccb____.ttf
  • %WINDIR%\fonts\itckrist.ttf
  • %WINDIR%\fonts\hatten.ttf
  • %WINDIR%\fonts\frscript.ttf
  • %WINDIR%\fonts\verdanai.ttf
  • %WINDIR%\fonts\gilbi___.ttf
  • %WINDIR%\fonts\gigi.ttf
  • %WINDIR%\fonts\david.ttf
  • %WINDIR%\fonts\elephnti.ttf
  • %WINDIR%\fonts\roccb___.ttf
  • %WINDIR%\fonts\gothicb.ttf
  • %WINDIR%\fonts\goudosb.ttf
  • %WINDIR%\fonts\kokilabi.ttf
  • %WINDIR%\fonts\gara.ttf
  • %WINDIR%\fonts\curlz___.ttf
  • %WINDIR%\fonts\htowerti.ttf
  • %WINDIR%\fonts\daunpenh.ttf
  • %WINDIR%\fonts\segoeprb.ttf
  • %WINDIR%\fonts\majallab.ttf
  • %WINDIR%\fonts\mistral.ttf
  • %WINDIR%\fonts\schlbkbi.ttf
  • %WINDIR%\fonts\goudysto.ttf
  • %WINDIR%\fonts\magnetob.ttf
  • %WINDIR%\fonts\utsaah.ttf
  • %WINDIR%\fonts\lsansi.ttf
  • %WINDIR%\panther\diagwrn.xml
  • %WINDIR%\pfro.log
  • %WINDIR%\fonts\arialuni.ttf
  • %WINDIR%\panther\contents1.dir
  • %WINDIR%\panther\contents0.dir
  • %WINDIR%\fonts\pala.ttf
  • %WINDIR%\fonts\segoesc.ttf
  • %WINDIR%\pla\system\system diagnostics.xml
  • %WINDIR%\fonts\palabi.ttf
  • %WINDIR%\fonts\vani.ttf
  • %WINDIR%\pla\system\system performance.xml
  • %WINDIR%\msdfmap.ini
  • %WINDIR%\ocsetup_uninstall_searchengine-client-package.etl
  • %WINDIR%\ocsetup_cbs_uninstall_searchengine-client-package.txt
  • %WINDIR%\panther\actionqueue\specialize.uaq
  • %WINDIR%\panther\actionqueue\oobesystem.uaq
  • %WINDIR%\performance\winsat\winsat.log
  • %WINDIR%\fonts\fradm.ttf
  • %WINDIR%\fonts\tcm_____.ttf
  • %WINDIR%\fonts\shonar.ttf
  • %WINDIR%\offline web pages\desktop.ini
  • %WINDIR%\fonts\gillubcd.ttf
  • %WINDIR%\fonts\schlbkb.ttf
  • %WINDIR%\fonts\showg.ttf
  • %WINDIR%\prefetch\aspnet_regiis.exe-75651a3c.pf
  • %WINDIR%\fonts\lbrited.ttf
  • %WINDIR%\fonts\trebuc.ttf
  • %WINDIR%\fonts\upceb.ttf
  • %WINDIR%\fonts\upcdb.ttf
  • %WINDIR%\fonts\simpo.ttf
  • %WINDIR%\fonts\simpbdo.ttf
  • %WINDIR%\fonts\segoepr.ttf
  • %WINDIR%\prefetch\bspatch.exe-dd9e5e46.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-6181748b.pf
  • <SYSTEM32>\catroot2\dberr.txt
  • %WINDIR%\prefetch\xcopy.exe-41e6513f.pf
  • %WINDIR%\prefetch\vc_redist.x86.exe-aace95dd.pf
  • %WINDIR%\prefetch\setup.exe-995118bd.pf
  • %WINDIR%\prefetch\vssvc.exe-b8afc319.pf
  • %WINDIR%\prefetch\vc_redist.x86.exe-4da5e6b3.pf
  • %WINDIR%\prefetch\mscorsvw.exe-57d17daf.pf
  • %WINDIR%\prefetch\javaw.exe-dccf0ab8.pf
  • %WINDIR%\prefetch\vcredist_x86.exe-73b7ff73.pf
  • %WINDIR%\prefetch\regtlibv12.exe-b7c4f383.pf
  • %WINDIR%\prefetch\vc_redist.x86.exe-35b8af5d.pf
  • %WINDIR%\prefetch\wermgr.exe-0f2ac88c.pf
  • %WINDIR%\prefetch\vcredist_x86.exe-163efd5c.pf
  • %WINDIR%\prefetch\lodctr.exe-72cd50d0.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-b0c890fd.pf
  • %WINDIR%\prefetch\wmiprvse.exe-1628051c.pf
  • %WINDIR%\prefetch\dllhost.exe-5e46fa0d.pf
  • %WINDIR%\prefetch\wmiadap.exe-f8dfdfa2.pf
  • %WINDIR%\prefetch\vc_redist.x86.exe-1dcb7807.pf
  • %WINDIR%\prefetch\unlodctr.exe-a3d4deeb.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-d3a3c549.pf
  • %WINDIR%\prefetch\setup.exe-9c5f31fe.pf
  • %WINDIR%\prefetch\vc_redist.x86.exe-1c5672a5.pf
  • %WINDIR%\prefetch\mofcomp.exe-fde76efc.pf
  • %WINDIR%\prefetch\winrar-x64-531.exe-91d4b934.pf
  • %WINDIR%\prefetch\wusa.exe-a8d5906c.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-2c3b2083.pf
  • %WINDIR%\prefetch\searchindexer.exe-4a6353b9.pf
  • %WINDIR%\prefetch\ping.exe-7e94e73e.pf
  • %WINDIR%\prefetch\wuauclt.exe-70318591.pf
  • %WINDIR%\prefetch\mofcomp.exe-8fe3d558.pf
  • %WINDIR%\prefetch\ngen.exe-ae594a6b.pf
  • %WINDIR%\prefetch\lodctr.exe-3cce0534.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-5c158f2f.pf
  • %WINDIR%\prefetch\javaws.exe-ed58c697.pf
  • %WINDIR%\setupact.log
  • %WINDIR%\softwaredistribution\reportingevents.log
  • %WINDIR%\softwaredistribution\postrebooteventcache\{435a9702-3e56-4ebd-a31c-1dac019aa71d}.bin
  • %WINDIR%\starter.xml
  • %WINDIR%\system.ini
  • %WINDIR%\shellnew\mspub.pub
  • %WINDIR%\shellnew\excel12.xlsx
  • %WINDIR%\syswow64\aspnet_counters.dll
  • %WINDIR%\prefetch\taskhost.exe-7238f31d.pf
  • %WINDIR%\syswow64\atl110.dll
  • %WINDIR%\syswow64\atl100.dll
  • <SYSTEM32>\catroot2\edbres00002.jrs
  • <SYSTEM32>\catroot2\edb00437.log
  • <SYSTEM32>\catroot2\edbres00001.jrs
  • <SYSTEM32>\catroot2\edb.chk
  • %WINDIR%\prefetch\wevtutil.exe-400d93e8.pf
  • %WINDIR%\registration\r000000000001.clb
  • %WINDIR%\fonts\simkai.ttf
  • %WINDIR%\prefetch\readyboot\trace2.fx
  • %WINDIR%\setup\state\state.ini
  • %WINDIR%\prefetch\agglglobalhistory.db
  • %WINDIR%\fonts\simhei.ttf
  • %WINDIR%\security\logs\scesetup.log
  • %WINDIR%\security\database\secedit.sdb
  • %WINDIR%\security\logs\scecomp.old
  • %WINDIR%\serviceprofiles\networkservice\ntuser.dat.log
  • %WINDIR%\serviceprofiles\localservice\ntuser.dat.log
  • %WINDIR%\prefetch\mscorsvw.exe-c3c515bd.pf
  • %WINDIR%\prefetch\msiexec.exe-e09a077a.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-9dedc9d2.pf
  • %WINDIR%\prefetch\rdrservicesupdater.exe-3d26e665.pf
  • %WINDIR%\setuperr.log
  • %WINDIR%\prefetch\rundll32.exe-e6258edf.pf
  • %WINDIR%\prefetch\ose.exe-51c16f0e.pf
  • %WINDIR%\prefetch\setup.exe-3c1c5c45.pf
  • %WINDIR%\prefetch\vcredist_x64.exe-24aea5d8.pf
  • %WINDIR%\prefetch\setuputility.exe-8e8b4811.pf
  • %WINDIR%\prefetch\shutdown.exe-e7d5c9cc.pf
  • %WINDIR%\prefetch\firefox.exe-a606b53c.pf
  • %WINDIR%\prefetch\agglfaulthistory.db
  • %WINDIR%\prefetch\dotnetfx35.exe-852dd91f.pf
  • %WINDIR%\prefetch\dllhost.exe-766398d2.pf
  • %WINDIR%\prefetch\bfsvc.exe-9c7a4dee.pf
  • %WINDIR%\prefetch\installer.exe-ee562215.pf
  • %WINDIR%\prefetch\agglfgapphistory.db
  • %WINDIR%\prefetch\ntosboot-b00dfaad.pf
  • %WINDIR%\prefetch\install.exe-3f13c328.pf
  • %WINDIR%\prefetch\logonui.exe-09140401.pf
  • %WINDIR%\prefetch\uninstall.exe-a11d6b07.pf
  • %WINDIR%\prefetch\netsh.exe-f1b6da12.pf
  • %WINDIR%\prefetch\msiexec.exe-a2d55cb6.pf
  • %WINDIR%\prefetch\mscorsvw.exe-245ed79e.pf
  • %WINDIR%\prefetch\agrobust.db
  • %WINDIR%\prefetch\dotnetfx40_full_x86_x64.exe-d34ac1bf.pf
  • %WINDIR%\prefetch\thunderbird.exe-5119524c.pf
  • %WINDIR%\prefetch\unpack200.exe-bb96da5f.pf
  • %WINDIR%\prefetch\mscorsvw.exe-90526fac.pf
  • %WINDIR%\prefetch\dllhost.exe-b2eb1806.pf
  • %WINDIR%\prefetch\installer.exe-6c3ab888.pf
  • %WINDIR%\prefetch\ndp48-x86-x64-allos-enu.exe-54656820.pf
  • %WINDIR%\prefetch\42.0.2311.135_chrome_installe-7fd75326.pf
  • %WINDIR%\prefetch\servicemodelreg.exe-1f42b3e3.pf
  • %WINDIR%\prefetch\default-browser-agent.exe-01c82e17.pf
  • %WINDIR%\prefetch\wusa.exe-f04b35c8.pf
  • %WINDIR%\prefetch\ngen.exe-ec3f9239.pf
  • %WINDIR%\prefetch\svchost.exe-007fea55.pf
  • %WINDIR%\prefetch\vcredist_x64.exe-8227a7ef.pf
  • %WINDIR%\prefetch\sppsvc.exe-b0f8131b.pf
  • %WINDIR%\prefetch\userinit.exe-2257a3e7.pf
  • %WINDIR%\prefetch\svchost.exe-05f624ab.pf
  • %WINDIR%\prefetch\jre-8u45-windows-x64.exe-61cc34b3.pf
  • %WINDIR%\prefetch\ose00000.exe-2a4efdbf.pf
  • %WINDIR%\prefetch\pfsvperfstats.bin
  • %WINDIR%\prefetch\readyboot\trace1.fx
  • %WINDIR%\prefetch\regsvr32.exe-8461dbee.pf
  • %WINDIR%\prefetch\setup.exe-a76b5a2e.pf
  • %WINDIR%\prefetch\searchprotocolhost.exe-0cb8cade.pf
  • %WINDIR%\prefetch\trustedinstaller.exe-3cc531e5.pf
  • %WINDIR%\prefetch\setup.exe-c5a66008.pf
  • %WINDIR%\prefetch\vcredist_x64.exe-a53f124b.pf
  • %WINDIR%\prefetch\svchost.exe-7cfedea3.pf
  • %WINDIR%\prefetch\setx.exe-a7e52bf4.pf
  • %WINDIR%\prefetch\searchfilterhost.exe-77482212.pf
  • %WINDIR%\prefetch\tsetup.1.4.3.exe-ef3d6f27.pf
  • %WINDIR%\prefetch\setup.exe-3caebeac.pf
  • %WINDIR%\prefetch\vcredist_x64.exe-d4929c6b.pf
  • %WINDIR%\prefetch\vc_redist.x64.exe-442857d9.pf
  • %WINDIR%\prefetch\vcredist_x86.exe-c622f3ef.pf
  • %WINDIR%\prefetch\setup.exe-7c026c7f.pf
  • %WINDIR%\prefetch\setup.exe-04541c92.pf
  • %WINDIR%\prefetch\servicemodelreg.exe-afddd121.pf
  • %WINDIR%\prefetch\reg.exe-e7e8bd26.pf
  • %WINDIR%\fonts\pristina.ttf
  • %WINDIR%\prefetch\rundll32.exe-36dac103.pf
  • %WINDIR%\prefetch\regtlibv12.exe-d3a27e55.pf
  • %WINDIR%\prefetch\thunderbird setup 78.9.1 (x64-07c878f8.pf
  • %WINDIR%\prefetch\setup.exe-0e8606b0.pf
  • %WINDIR%\prefetch\sc.exe-945d79ae.pf
  • %WINDIR%\prefetch\rundll32.exe-860c49a4.pf
  • %WINDIR%\prefetch\setup.exe-b2453f21.pf
  • %WINDIR%\prefetch\dwm.exe-6ffd3da8.pf
  • %WINDIR%\shellnew\pwrpnt12.pptx
  • %WINDIR%\fonts\consolab.ttf
  • %WINDIR%\fonts\cordiaub.ttf
  • %WINDIR%\fonts\bauhs93.ttf
  • %WINDIR%\fonts\aparaj.ttf
  • %WINDIR%\fonts\baskvill.ttf
  • %WINDIR%\fonts\aparajbi.ttf
  • %WINDIR%\fonts\bell.ttf
  • %WINDIR%\fonts\angsaui.ttf
  • %WINDIR%\fonts\alger.ttf
  • %WINDIR%\fonts\ahronbd.ttf
  • %WINDIR%\fonts\belli.ttf
  • %WINDIR%\fonts\bernhc.ttf
  • %WINDIR%\fonts\arialn.ttf
  • %WINDIR%\enterprise.xml
  • %WINDIR%\downloaded program files\desktop.ini
  • %WINDIR%\dtcinstall.log
  • %HOMEPATH%\saved games\readme.txt
  • %WINDIR%\debug\sammui.log
  • %WINDIR%\assembly\pubpol37.dat
  • %WINDIR%\assembly\desktop.ini
  • %WINDIR%\assembly\publisherpolicy.tme
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\index149.dat
  • %WINDIR%\bootstat.dat
  • %HOMEPATH%\desktop\uep_form_786_bulletin_1726i602.doc.abc
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\index8f.dat
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\index90.dat
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\index8e.dat
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\index8d.dat
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\index17c.dat
  • %WINDIR%\appcompat\programs\recentfilecache.bcf
  • %HOMEPATH%\videos\desktop.ini.abc
  • %HOMEPATH%\videos\readme.txt
  • %WINDIR%\debug\wia\wiatrace.log
  • %HOMEPATH%\pictures\readme.txt
  • %WINDIR%\fonts\arabtype.ttf
  • %WINDIR%\fonts\angsai.ttf
  • %WINDIR%\fonts\aparaji.ttf
  • %WINDIR%\fonts\ariblk.ttf
  • %WINDIR%\fonts\angsauz.ttf
  • %WINDIR%\fonts\bssym7.ttf
  • %WINDIR%\fonts\calisti.ttf
  • %WINDIR%\fonts\browau.ttf
  • %WINDIR%\fonts\bkant.ttf
  • %HOMEPATH%\desktop\nwfieldnotes1966.docx.abc
  • %WINDIR%\fonts\bod_bi.ttf
  • %WINDIR%\fonts\bod_cb.ttf
  • %WINDIR%\fonts\broadw.ttf
  • %WINDIR%\fonts\bod_blar.ttf
  • %WINDIR%\fonts\brlnsdb.ttf
  • %WINDIR%\fonts\browauz.ttf
  • %WINDIR%\fonts\agencyr.ttf
  • %WINDIR%\fonts\andlso.ttf
  • %WINDIR%\fonts\angsaz.ttf
  • %WINDIR%\fonts\antquabi.ttf
  • %WINDIR%\fonts\angsaub.ttf
  • %WINDIR%\fonts\antquab.ttf
  • %WINDIR%\fonts\antquai.ttf
  • %WINDIR%\fonts\arialnbi.ttf
  • %WINDIR%\fonts\arlrdbd.ttf
  • %WINDIR%\fonts\arialni.ttf
  • %WINDIR%\fonts\aparajb.ttf
  • %WINDIR%\fonts\angsa.ttf
  • %WINDIR%\fonts\angsab.ttf
  • %WINDIR%\fonts\agencyb.ttf
  • %WINDIR%\fonts\arialnb.ttf
  • %WINDIR%\fonts\bellb.ttf
  • %WINDIR%\fonts\angsau.ttf
  • %HOMEPATH%\pictures\desktop.ini.abc
  • %HOMEPATH%\music\desktop.ini.abc
  • %HOMEPATH%\music\readme.txt
  • %HOMEPATH%\desktop\13.jpg.abc
  • %HOMEPATH%\desktop\1189.jpg.abc
  • %HOMEPATH%\contacts\user.contact.abc
  • %HOMEPATH%\contacts\readme.txt
  • %HOMEPATH%\contacts\desktop.ini.abc
  • %ALLUSERSPROFILE%\microsoft help\readme.txt
  • %ALLUSERSPROFILE%\microsoft help\nslist.hxl.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.winword.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.winword.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.setlang.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.powerpnt.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.powerpnt.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.outlook.14.1033.hxn.abc
  • %HOMEPATH%\desktop\64bit_notes.htm.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.outlook.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.ois.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.mstore.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.mspub.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.mspub.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.msouc.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.msaccess.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.infopatheditor.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.msaccess.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.infopath.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.groove.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.excel.dev.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.graph.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.excel.14.1033.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\hx.hxn.abc
  • %ALLUSERSPROFILE%\microsoft help\ms.onenote.14.1033.hxn.abc
  • %HOMEPATH%\desktop\3.jpg.abc
  • %HOMEPATH%\desktop\210252809.jpg.abc
  • %HOMEPATH%\desktop\4f0bf7ff71f28.jpeg.abc
  • %HOMEPATH%\links\recentplaces.lnk.abc
  • %HOMEPATH%\desktop\split.avi.abc
  • %HOMEPATH%\saved games\desktop.ini.abc
  • %HOMEPATH%\links\readme.txt
  • %HOMEPATH%\links\downloads.lnk.abc
  • %HOMEPATH%\links\desktop.ini.abc
  • %HOMEPATH%\favorites\readme.txt
  • %HOMEPATH%\links\desktop.lnk.abc
  • %HOMEPATH%\favorites\desktop.ini.abc
  • %HOMEPATH%\downloads\desktop.ini.abc
  • %HOMEPATH%\downloads\readme.txt
  • %HOMEPATH%\documents\readme.txt
  • %HOMEPATH%\documents\desktop.ini.abc
  • %HOMEPATH%\desktop\trivial-merge.htm.abc
  • %HOMEPATH%\desktop\testcertificate.cer.abc
  • %HOMEPATH%\desktop\telegram.lnk.abc
  • %HOMEPATH%\desktop\tree_view.html.abc
  • %HOMEPATH%\desktop\desktop.ini.abc
  • %HOMEPATH%\desktop\sdszfo.docx.abc
  • %HOMEPATH%\desktop\readme.txt
  • %HOMEPATH%\desktop\hadac_newsletter_july_2010_final.docx.abc
  • %HOMEPATH%\desktop\lisp_success.doc.abc
  • %HOMEPATH%\desktop\issi2013_template_for_posters.docx.abc
  • %HOMEPATH%\desktop\ituneshelpunavailable.htm.abc
  • %WINDIR%\fonts\bod_b.ttf
  • %HOMEPATH%\desktop\february_catalogue__2015.doc.abc
  • %HOMEPATH%\desktop\howto-index.html.abc
  • %HOMEPATH%\desktop\coffee.bmp.abc
  • %HOMEPATH%\desktop\google chrome.lnk.abc
  • %HOMEPATH%\desktop\iisstart.html.abc
  • %HOMEPATH%\desktop\alert.htm.abc
  • %HOMEPATH%\desktop\dashborder_144.bmp.abc
  • %WINDIR%\fonts\bod_cbi.ttf
  • %WINDIR%\fonts\tempsitc.ttf
  • %WINDIR%\fonts\constani.ttf
  • %WINDIR%\fonts\browai.ttf
  • %WINDIR%\fonts\globalmonospace.compositefont
  • %WINDIR%\fonts\upcfi.ttf
  • %WINDIR%\fonts\fms_metadata.xml
  • %WINDIR%\media\savanna\desktop.ini
  • %WINDIR%\fonts\gilb____.ttf
  • %WINDIR%\fonts\corbelz.ttf
  • %WINDIR%\fonts\ravie.ttf
  • %WINDIR%\fonts\mtcorsva.ttf
  • %WINDIR%\fonts\infroman.ttf
  • %WINDIR%\fonts\lbritedi.ttf
  • %WINDIR%\fonts\rocc____.ttf
  • %WINDIR%\fonts\jokerman.ttf
  • %WINDIR%\fonts\consola.ttf
  • %WINDIR%\fonts\elephnt.ttf
  • %WINDIR%\fonts\utsaahb.ttf
  • %WINDIR%\fonts\moolbor.ttf
  • %WINDIR%\fonts\ocraext.ttf
  • %WINDIR%\fonts\perbi___.ttf
  • %WINDIR%\fonts\nrkis.ttf
  • %WINDIR%\fonts\upcibi.ttf
  • %WINDIR%\fonts\upcil.ttf
  • %WINDIR%\fonts\niageng.ttf
  • %WINDIR%\fonts\htowert.ttf
  • %WINDIR%\fonts\gilc____.ttf
  • %WINDIR%\fonts\eraslght.ttf
  • %WINDIR%\fonts\fradmit.ttf
  • %WINDIR%\fonts\frahv.ttf
  • %WINDIR%\fonts\upckl.ttf
  • %WINDIR%\fonts\utsaahi.ttf
  • %WINDIR%\fonts\upcjl.ttf
  • %WINDIR%\fonts\outlook.ttf
  • %WINDIR%\fonts\verdanab.ttf
  • %WINDIR%\fonts\cordiauz.ttf
  • %WINDIR%\fonts\trado.ttf
  • %WINDIR%\fonts\lsansdi.ttf
  • %WINDIR%\fonts\oldengl.ttf
  • %WINDIR%\fonts\georgiai.ttf
  • %WINDIR%\fonts\goudosi.ttf
  • %WINDIR%\fonts\upcki.ttf
  • %WINDIR%\fonts\harngton.ttf
  • %WINDIR%\fonts\fradmcn.ttf
  • %WINDIR%\fonts\browa.ttf
  • %WINDIR%\fonts\gil_____.ttf
  • %WINDIR%\fonts\lbrite.ttf
  • %WINDIR%\fonts\upcii.ttf
  • %WINDIR%\fonts\rockbi.ttf
  • %WINDIR%\fonts\desktop.ini
  • %WINDIR%\fonts\glecb.ttf
  • %WINDIR%\fonts\framdcn.ttf
  • %WINDIR%\fonts\erasmd.ttf
  • %WINDIR%\fonts\snap____.ttf
  • %WINDIR%\fonts\ftltlt.ttf
  • %WINDIR%\fonts\per_____.ttf
  • %WINDIR%\fonts\perb____.ttf
  • %WINDIR%\fonts\maian.ttf
  • %WINDIR%\fonts\imprisha.ttf
  • %WINDIR%\fonts\upclb.ttf
  • %WINDIR%\fonts\upckb.ttf
  • %WINDIR%\fonts\rod.ttf
  • %WINDIR%\fonts\frank.ttf
  • %WINDIR%\fonts\coprgtb.ttf
  • %WINDIR%\fonts\mriamc.ttf
  • %WINDIR%\fonts\upcli.ttf
  • %WINDIR%\fonts\georgia.ttf
  • %WINDIR%\fonts\cordiab.ttf
  • %WINDIR%\fonts\lsansd.ttf
  • %WINDIR%\fonts\framd.ttf
  • %WINDIR%\fonts\ltypeb.ttf
  • %WINDIR%\fonts\brlnsr.ttf
  • %WINDIR%\fonts\brlnsb.ttf
  • %WINDIR%\fonts\bod_cr.ttf
  • %WINDIR%\fonts\bod_pstc.ttf
  • %WINDIR%\fonts\candarab.ttf
  • %WINDIR%\fonts\bookosi.ttf
  • %WINDIR%\fonts\centaur.ttf
  • %WINDIR%\fonts\century.ttf
  • %WINDIR%\fonts\calistbi.ttf
  • %WINDIR%\fonts\calist.ttf
  • %WINDIR%\fonts\bradhitc.ttf
  • %WINDIR%\fonts\castelar.ttf
  • %WINDIR%\fonts\bod_r.ttf
  • %WINDIR%\fonts\califr.ttf
  • %WINDIR%\fonts\censcbk.ttf
  • %WINDIR%\fonts\bookosbi.ttf
  • %WINDIR%\fonts\britanic.ttf
  • %WINDIR%\fonts\candara.ttf
  • %WINDIR%\fonts\bookos.ttf
  • %WINDIR%\fonts\cambria.ttc
  • %WINDIR%\fonts\bod_blai.ttf
  • %WINDIR%\fonts\bod_i.ttf
  • %WINDIR%\fonts\bod_ci.ttf
  • %WINDIR%\fonts\candarai.ttf
  • %WINDIR%\fonts\browaz.ttf
  • %WINDIR%\fonts\califb.ttf
  • %WINDIR%\fonts\browaui.ttf
  • %WINDIR%\fonts\brushsci.ttf
  • %WINDIR%\fonts\browaub.ttf
  • %WINDIR%\fonts\califi.ttf
  • %WINDIR%\fonts\calistb.ttf
  • %WINDIR%\fonts\bookosb.ttf
  • %WINDIR%\fonts\calibri.ttf
  • %WINDIR%\fonts\mod20.ttf
  • %WINDIR%\fonts\upcdbi.ttf
  • %WINDIR%\fonts\leelawad.ttf
  • %WINDIR%\fonts\glsnecb.ttf
  • %WINDIR%\fonts\cordiaz.ttf
  • %WINDIR%\fonts\colonna.ttf
  • %WINDIR%\fonts\chiller.ttf
  • %WINDIR%\fonts\corbel.ttf
  • %WINDIR%\fonts\corbelb.ttf
  • %WINDIR%\fonts\globaluserinterface.compositefont
  • %WINDIR%\fonts\constan.ttf
  • %WINDIR%\fonts\comic.ttf
  • %WINDIR%\fonts\frabkit.ttf
  • %WINDIR%\fonts\cordiau.ttf
  • %WINDIR%\fonts\comicbd.ttf
  • %WINDIR%\fonts\lvnmbd.ttf
  • %WINDIR%\fonts\upcebi.ttf
  • %WINDIR%\fonts\calibriz.ttf
  • %WINDIR%\fonts\trebucit.ttf
  • %WINDIR%\fonts\candaraz.ttf
  • %WINDIR%\fonts\corbeli.ttf
  • %WINDIR%\fonts\upcji.ttf
  • %WINDIR%\fonts\symbol.ttf
  • %WINDIR%\fonts\stencil.ttf
  • %WINDIR%\fonts\consolaz.ttf
  • %WINDIR%\media\calligraphy\desktop.ini
  • %WINDIR%\fonts\poorich.ttf
  • %WINDIR%\fonts\calibrib.ttf
  • %WINDIR%\fonts\cambriai.ttf
  • %WINDIR%\fonts\cambriaz.ttf
  • %WINDIR%\fonts\calibrii.ttf
  • %WINDIR%\fonts\cambriab.ttf
  • %WINDIR%\fonts\browab.ttf
  • %WINDIR%\syswow64\concrt140.dll
Изменяет расширения файлов пользовательских данных (Trojan.Encoder).
Сетевая активность
Подключается к
  • 'sn##########b1.quimeptwl1963.workers.dev':443
TCP
Другие
  • 'sn##########b1.quimeptwl1963.workers.dev':443
UDP
  • DNS ASK sn##########b1.quimeptwl1963.workers.dev
Другое
Перезапускает анализируемый образец
Запускает на исполнение
  • '<Полный путь к файлу>' --foodsum (со скрытым окном)

Рекомендации по лечению

  1. В случае если операционная система способна загрузиться (в штатном режиме или режиме защиты от сбоев), скачайте лечащую утилиту Dr.Web CureIt! и выполните с ее помощью полную проверку вашего компьютера, а также используемых вами переносных носителей информации.
  2. Если загрузка операционной системы невозможна, измените настройки BIOS вашего компьютера, чтобы обеспечить возможность загрузки ПК с компакт-диска или USB-накопителя. Скачайте образ аварийного диска восстановления системы Dr.Web® LiveDisk или утилиту записи Dr.Web® LiveDisk на USB-накопитель, подготовьте соответствующий носитель. Загрузив компьютер с использованием данного носителя, выполните его полную проверку и лечение обнаруженных угроз.
Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Выполните полную проверку системы с использованием Антивируса Dr.Web Light для macOS. Данный продукт можно загрузить с официального сайта Apple App Store.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Скачать Dr.Web с Apple Store

На загруженной ОС выполните полную проверку всех дисковых разделов с использованием продукта Антивирус Dr.Web для Linux.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

  1. Если мобильное устройство функционирует в штатном режиме, загрузите и установите на него бесплатный антивирусный продукт Dr.Web для Android Light. Выполните полную проверку системы и используйте рекомендации по нейтрализации обнаруженных угроз.
  2. Если мобильное устройство заблокировано троянцем-вымогателем семейства Android.Locker (на экране отображается обвинение в нарушении закона, требование выплаты определенной денежной суммы или иное сообщение, мешающее нормальной работе с устройством), выполните следующие действия:
    • загрузите свой смартфон или планшет в безопасном режиме (в зависимости от версии операционной системы и особенностей конкретного мобильного устройства эта процедура может быть выполнена различными способами; обратитесь за уточнением к инструкции, поставляемой вместе с приобретенным аппаратом, или напрямую к его производителю);
    • после активации безопасного режима установите на зараженное устройство бесплатный антивирусный продукт Dr.Web для Android Light и произведите полную проверку системы, выполнив рекомендации по нейтрализации обнаруженных угроз;
    • выключите устройство и включите его в обычном режиме.

Подробнее о Dr.Web для Android

Демо бесплатно на 14 дней

Выдаётся при установке

Скачать с сайта
Скачать с Google Play